Effective construction of cloud storage in virtualization platform

Source: Internet
Author: User
Keywords Virtualization can security application
Tags access application applications based cloud cloud storage control controlling

Now, managers provide different workloads to end users, regardless of what hardware they are trying to manipulate and where to consume data from. In addition to server virtualization, new virtualization technologies go into modern data centers, including security virtualization, Application Virtualization, desktop virtualization, user virtualization, storage virtualization, and more.

By controlling data, applications, and even desktops in data centers, administrators can provide a secure look and feel for end users. By consolidating flexible virtualization-ready solutions, data center administrators suddenly have more tools available.

As with other technologies, virtualization in the workload must be a priority. Although this data is always stored at the data center level, this does not mean that an unexpected or malicious event does not occur. With this in mind, centralizing information in a virtual node allows administrators to develop new types of security methods. This means that policies will need to evolve and new layers of cloud security need to be adopted.

Create good policies. Virtualization can serve as a mechanism to provide BYOD data. Be sure to remind users that although the devices they use may belong to themselves, the information they are accessing is still part of the organization. This means that if users remotely access virtual applications or virtual desktops, they must know their connection and their surroundings. Can expand the use of computer policies to help support and cover BYOD initiatives. In these policies, it is important to explain how to use and monitor virtual desktops and applications. Virtualization and the delivery of information require it to rethink security and end-user policy. Keep in mind that even if this data is the end point, the new type of security threat always targets the hottest new technology.

Use the next generation of security technology. Although some of the fashion of the suspicion, the next generation of security technology behind the idea is very realistic. Not just a standard physical firewall, the next generation of security will be updated, advanced scanning engine, virtualization technology, and better visibility into the cloud. For example, administrators can integrate mobile and device management solutions to monitor all BYOD devices. Some of these devices may only access e-mail, while others may need access to applications and desktops. These management platforms can check the OS version and even see if the device is already root. In addition, next-generation security devices now provide more advanced access audit policies. Administrators can set up 4 policy entry points. If a device passes through only two of them, it may be able to access only a subset of the environment. These metrics range from having the right AV (Application Virtualization) database to the operating system version and patch level-even to the location of the device.

Control your cloud. Make sure your virtual infrastructure needs to be proactive. To do this, the virtualization infrastructure must have appropriate control mechanisms. Active alerts and alarms should be configured for resource utilization, access, workload/hardware notifications. The monitored environment allows administrators to see the peak of data usage (including LAN and WAN), where users are accessed, and to continuously monitor data types that go in and out of the data center. Virtualization allows the creation of a logical layer that can be better monitored because policies can be put in place to trigger improved alerts and notifications. With better control over your cloud, virtualization can help administrators build a stronger infrastructure based on active security best practices.

Use Smart Av. The mere virtualization of a desktop or application does not mean that it is not vulnerable to malicious attacks. The traditional AV engine has always been a bit bulky and resource-intensive. The new technology skips a lot of resource utilization and becomes more virtualization-aware. For example, the virtualization-aware AV engine can run at the hypervisor level, scanning all incoming and outgoing VM traffic. Trend technology launched by the depth of the security protection system deep secure platform to do this. This integrates directly with VMware tools to facilitate the hypervisor layer's virtualization readiness security. Another good example is the 5nine security model and how it interacts with Hyper-V. This way, the administrator does not have to really install AV clients on the workload. Because of this, the AV process has become more streamlined and efficient. Now, the security and efficiency of your virtualization platform has reached a new level.

Lock applications, desktops, and users. The reality of locking the environment needs to evolve with virtualization. Working with virtual desktops and virtual applications, workloads can be locked based on their location, the type of access that the device requests, and the user Group Policy settings. In fact, based on a user or application-the entire menu item or part of an application can be locked. Depending on your organization and the type of application/desktop you are deploying, you may have different levels of security requirements. From the end-user's point of view, it is important to create a safe and very practical environment. End users can be controlled by effective measures to deploy user virtualization. This means that user settings, preferences, network settings, and other personalized options can be migrated with the user. In addition, these settings can be very finely controlled. Admin can lock everything from application menu items to using USB keys or ports.

Keep in mind that administrators should take the same proactive precautions to protect their environment, even if they are stored in a dataset. Good management plan, reliable update cycle and regular testing are good measures to ensure preventative maintenance is progressing with time. Cloud is not perfect, so in designing a security policy, being proactive can save time and money, and more importantly, reduce downtime due to security issues.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.