Amd patches epyc cpu secure encrypted virtualization exploit that could leak secret keys

Amd | June 28, 2019

AMD has begun pushing out a firmware fix for its EPYC server processors that addresses the way the chips provide Secure Encrypted Virtualization (SEV). Left unpatched, an attacker could leverage the vulnerability to recover a secure key, which could then be used to access an isolated virtual machine (VM) on a targeted system.SEV is a feature that uses one security key per VM to isolate guests and the hypervisor from one another. Those keys are managed by the AMD Secure Processor. It is a hardware-level feature that gives each guest VM its own security key to encrypt and decrypt portions of RAM as needed. The idea is to protect data in memory from being accessed by unauthorized users.

Spotlight

The information contained in this document represents the current view of OpsLogix on the issues discussed as of the date of publication and is subject to change at any time without notice to you. This document and its contents are provided AS IS without warranty of any kind, and should not be interpreted as an offer or commitment on the part of OpsLogix, and OpsLogix cannot guarantee the accuracy of any information presented


Other News
VIRTUAL DESKTOP TOOLS

Fortinet is the Fastest Growing ZTNA Vendor, Customers Highlight the Benefits of Fortinet Universal ZTNA

Fortinet | August 18, 2022

Fortinet a global leader in broad, integrated and automated cybersecurity solutions, today announced accelerated momentum of Fortinet Universal ZTNA and its ability to provide secure access for any user anywhere, whether they are remote or in the office. In fact, according to the latest Gartner report on enterprise network equipment market share, Fortinet is among the highest five global ZTNA vendors, with the fastest growing revenue of any vendor quarter-over-quarter from 4Q21-1Q22 and year-over-year from 1Q21-1Q22.1 Fortinet attributes this growth to its differentiated approach to ZTNA that supports secure application access for any user in any location, lower total cost of ownership, more seamless transition from VPN, and integration with the Fortinet Security Fabric, including Fortinet Secure SD-WAN. ZTNA emerges as a top solution to implement Zero Trust principles Organizations of all sizes are adopting Zero Trust as a corporate security strategy to enable digital acceleration, support remote and hybrid work, and reduce risk. According to Gartner, “60% of organizations will embrace Zero Trust as a starting point for security by 2025. More than half will fail to realize the benefits.”2 While transitioning from implicit trust to an explicit Zero Trust model is a top strategic concern, most organizations – over 80% according to a January 2022 Zero Trust survey from Fortinet – have found it difficult to execute. ZTNA has emerged as a top technology adopted by organizations as a first step to implementing zero trust principles to the corporate network. Secure access for any user anywhere with Fortinet Universal ZTNA At an increasing rate, organizations seeking to reduce their risk profile by building a zero trust architecture are turning to Fortinet Universal ZTNA. Key benefits of Fortinet’s solution include: Consistent user experience in all work locations: Unlike cloud-only ZTNA, Fortinet Universal ZTNA delivers universal enforcement and the same user experience and security policies whether employees are located in densely populated offices, working remotely from home, or on the road. Easy transition from VPN to ZTNA: Because VPN and ZTNA are managed by the same integrated client from Fortinet FortiClient organizations can transition application access seamlessly and at their own pace. Existing Fortinet customers can immediately access ZTNA: Customers with existing FortiGate and FortiClient investments already have what they need to start applying Fortinet Universal ZTNA, an unlicensed feature. ZTNA integrated with SD-WAN: Fortinet is the only vendor delivering ZTNA, SD-WAN, and enterprise-grade security that is integrated by a single operating system to more effectively support secure application access and application steering. All three SD-WAN for connectivity, ZTNA for secure access, and enterprise-grade security for traffic inspection and protection can be configured, orchestrated, and managed using the same centralized console. Powerful networking and security convergence enabled by FortiOS everywhere: With Fortinet Universal ZTNA, Fortinet continues its legacy of delivering solutions that converge networking and security across its FortiGate platform. This convergence is powered by a single operating system—FortiOS—across all FortiGate form factors, including appliances, virtual machines, container solutions, SASE, and cloud deployments, to deliver coordinated security policies and consistent user experience. “Fortinet Universal ZTNA delivers the most complete support for work-from-anywhere by delivering a universal approach to ZTNA that is consistent on-prem, in the cloud or as a service via SASE. Because cloud-only ZTNA solutions aren’t able to adequately support in-office workers and do so at a high cost, we’re seeing an increasing adoption of Fortinet Universal ZTNA to support today’s hybrid workforce.” John Maddison, EVP of Products and CMO at Fortinet Customer and Partner Validation of Fortinet Universal ZTNA Organizations around the world rely on Fortinet Universal ZTNA to improve secure access to applications. Current Fortinet customers highlight the value of Fortinet’s offering: “We are drawn to Fortinet Universal ZTNA because it will allow us to control application access for both on-campus and remote users. Having ZTNA on-prem and in the cloud means we’re able to better ensure our hybrid workforce has access to the applications they need while keeping our network more secure and easier to manage and control with less resources. The ability to use the Fortinet gear we already have to apply ZTNA enforcement is really appealing.” - Tal David, Networking and Security Global Manager at Sapiens “We’re currently migrating away from our existing VPN solution to FortiClient with connections through our FortiGates. Because Fortinet delivers several security capabilities from a single agent, we will be removing multiple other security agents. And because the ZTNA agent is a part of FortiClient, we will more easily control our shift from traditional VPN to an easier to manage ZTNA with a more seamless end-user experience. Being able to implement granular control of user-to-application access at our own pace will make a big difference in our plans to reduce security risk in our network.” - JP DiCicco, IT Infrastructure Operations Manager at RES Americas “We were really attracted to the Security Fabric concept of the Fortinet solution and how those products all talk to each other and react in real-time based on their observance of threats. That along with the common management interface for the whole suite of products made it a really easy decision for us. Because of the integrated nature of Fortinet’s products, adding on ZTNA to further improve our security posture with granular access control is seamless.” - Colby Cousens, IT Director at Town of Danvers, Massachusetts Fortinet’s partners are also leveraging Fortinet Universal ZTNA to support their customers: “Fortinet’s dedication to consistently converging networking and security via FortiGate allows us to deliver immense value to customers. Having access to next-gen firewalling, SD-WAN and ZTNA all in one location and on one operating system that’s consistent whether on-prem, in the cloud, or as a service means easier management, better user experience, and a higher security posture.” - Marc Jabian, Cybersecurity Practice Manager at Netsync About Fortinet Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 580,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.

Read More

VIRTUAL SERVER INFRASTRUCTURE

Liqid Welcomes VMware Cloud CTO to its Board of Directors

Liqid | June 03, 2022

LIQID Inc., one of the world’s leading software companies delivering data center composability, announced today that the company has welcomed VMware Cloud CTO Marc Fleischmann as a member of the company’s Board of Directors. With a technology career spanning IT infrastructure, cloud and data services, machine learning and analytics, and global IT business services, Fleischmann will collaborate with the Liqid Board and the company’s leadership team to identify new opportunities to expand Liqid Matrix™ composable disaggregated infrastructure (CDI) software into new world-class solutions and services for Liqid’s customers and partners. “Marc’s expertise will be invaluable as Liqid continues to expand our footprint from edge to cloud and everywhere in between, and we are excited to welcome Marc to the Liqid board, As a technology leader at VMware, Marc intimately understands the challenges IT is facing and how new solutions like CDI are being incorporated into the data center in tandem with virtualization, artificial intelligence (AI), and other high-value applications. We look forward to working with him as CDI becomes central to evolving data center architectures.” Sumit Puri, CEO & Cofounder, Liqid At VMware, Fleischmann is the CTO for business franchises within the organization such as VMware Managed Cloud (VMC - on AWS, Azure, and GCP), the VMware Cloud Provider Program (VCPP, a $10B ecosystem), Cloud Foundation (VCF) private clouds, HCI, vSphere, and vSAN. Before joining VMware as Cloud CTO, Fleischman was founder and CEO for storage software company Datera, and social gaming company Smeet. Fleischmann is also a founder of Europe's largest open-source ecosystem hub, the Open Source Business Alliance, which has more than 150 active members across the continent. He has also held leadership positions at Innotek, Microsoft, Pixelworks, Transmeta, and HPE. “As AI is infused into every element of the enterprise, organizations need innovative new ways to approach infrastructure that are more dynamic and flexible, while also making responsible choices when weaving together solutions for sustainable data center ecosystems that can answer the proliferation of data,” Fleischmann said. “I look forward to working with the Liqid team to identify growth opportunities for their composable disaggregated infrastructure solutions, forge powerful industry alliances, and better understand how CDI thrives in an edge-to-cloud world.” Liqid Matrix software enables IT users to configure and scale bare-metal servers in seconds from pools of disaggregated compute, accelerator, storage, and networking resource pools to address business needs in real-time. Resources can be released when no longer needed, for use by other applications. This new approach to infrastructure management helps avoid the costly overprovisioning, power and cooling challenges, unlocking new levels of efficiency and sustainability. To learn more about how Liqid Matrix software solutions seamlessly integrate with VMware virtualization technologies, read this solutions brief. Schedule an appointment with an expert on solutions based on Liqid Matrix CDI software-based and set up a free infrastructure evaluation by going here. Follow Liqid on Twitter and LinkedIn to stay up to date with the latest Liqid news and industry insights. About Liqid Liqid’s composable infrastructure software platform, Liqid Matrix ™, unlocks cloud-like speed and flexibility plus higher efficiency from on-prem infrastructure. Now IT professionals can configure, deploy, and scale physical, bare-metal servers in seconds, then reallocate valuable accelerator and storage resources via software as needs evolve. Dynamically provision previously impossible systems or scale existing investments, and then redeploy resources where needed in real-time. Unlock cloud-like datacenter agility at any scale and experience new levels of resource and operational efficiency with Liqid.

Read More

VIRTUAL DESKTOP TOOLS

SmartX Releases HCI Kit Community Edition: Free HCI with Community Support

SmartX Inc | June 30, 2022

SmartX, a modern IT infrastructure innovator, has released the HCI Kit Community Edition, a free version of its hyperconvergence product SmartX HCI. The Community Edition includes core HCI software SMTX OS and management platform CloudTower. It is freely available, easy-to-deploy, feature-rich, and community-supported, providing easy access to hyperconvergence for worldwide users. The Community Edition allows users to experience core features of SmartX HCI, including SMTX OS (community edition) that provides compute virtualization, distributed block storage, as well as network & security. ELF: the native hypervisor that optimizes performance and streamlines operations & maintenance. ZBS: the distributed block storage with the reliability and high performance battle-tested in production across financial services and other industries. Everoute: the network and security product that provides micro-segmentation, securing east-west traffic with distributed firewalls for virtual machines. CloudTower (community edition) that provides multi-cluster management, capable of managing clusters across datacenters with one unified platform. Designed for anyone interested in experiencing HCI, the Community Edition can be installed to learn, evaluate, or use conveniently with zero cost. HCI enthusiasts could get hands-on experience and see how HCI achieves simplicity, flexibility, and efficiency; End users considering HCI products could compare it with other alternatives and run a proof-of-concept test, before making a decision; IT engineers could deploy it for Dev & Test, starting with a small scale. The installation and deployment of Community Edition are quite simple. It can be deployed on mainstream commercial x86 servers. The whole process takes approximately 2 hours*, users can check the minimum hardware requirements and guidance on the official website. The Community Edition offers a 30-day free trial, and before it expires, users could apply for a free community perpetual license. SmartX also supports users to switch to Commercial Editions seamlessly to unlock more advanced capabilities. Additionally, users could join SmartX Community on Slack, to get support from the community experts, and exchange ideas and feedback with professionals in IT infrastructure, distributed systems, and the cloud.

Read More

VIRTUAL DESKTOP TOOLS

Red River Named as a VMware Regional Academy for IT Support and Training

Red River | July 01, 2022

Red River, a technology transformation company serving government and enterprise customers, announced today that it has been designated as a VMware Regional Academy for IT support and training. In partnership with the VMware IT Academy, Red River will provide instructors and students at academic institutions with training and learning resources for high-demand IT skills such as digital workspace, application modernization and multi-cloud. VMware academic programs have created positive change throughout the pandemic, providing next-generation technology to academic institutions, allowing instructors to teach virtually and giving students access to industry certifications. “Red River understands the evolving needs of the IT Industry and its talent,” said Jackie Barker, Director of VMware IT Academy. “VMware IT Academy is thrilled to work with Red River to provide educational resources and experience to students in academia.” As a VMware Regional Academy for IT support, Red River will contribute to industry and economic development, providing skills to students seeking high-demand careers in areas such as cloud, dev ops, data, mobility and security. Red River will also support the remote delivery of VMware courses, helping students excel through online certification opportunities, hands-on labs and other VMware learning resources. “We are pleased to be a part of the Regional Academy, sharing years of technology expertise to benefit the next generation of IT professionals, This opportunity enables us to invest in our industry, so we can better prepare students for work and career growth in a digital world.” Richard Ackerman, Vice President of Workforce Development for Red River Red River’s workforce development program offers extensive training programs, new career opportunities and dedicated partnerships. The company is set on making a positive impact on employees, customers, partners and communities. To learn more about workforce development at Red River visit www.redriver.com/resources/workforce-development. For more information on the VMware IT Academy, visit https://www.vmware.com/company/it-academy.html. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. About Red River Red River brings together the ideal combination of talent, partners and products to disrupt the status quo in technology and drive success for business and government in ways previously unattainable. Red River serves organizations well beyond traditional technology integration, bringing 25 years of experience and mission-critical expertise in security, networking, analytics, collaboration, mobility and cloud solutions.

Read More

Spotlight

The information contained in this document represents the current view of OpsLogix on the issues discussed as of the date of publication and is subject to change at any time without notice to you. This document and its contents are provided AS IS without warranty of any kind, and should not be interpreted as an offer or commitment on the part of OpsLogix, and OpsLogix cannot guarantee the accuracy of any information presented

Resources