Red Hat Working On Optimizing KVM Virtualization Performance Stemming From Spectre

Phoronix | September 23, 2019

Red Hat's Andrea Arcangeli sent out an interesting patch series on Friday to micro-optimize the Kernel-based Virtual Machine (KVM) to enhance the VMEXIT performance in wake of Spectre mitigations. The "KVM monolithic" patch series ends up linking the KVM common code both into kvm-intel and kvm-amd so that the common "kvm" kernel module can be dropped. This occupies more disk space but should yield better run-time performance particularly for systems mitigated against Spectre Variant Two. For default Spectre V2 mitigations with Retpolines, this change has a surprising impact on the Intel and AMD virtualization performance for KVM. Andre noted, "This improves the vmexit performance by two digits percent on microbenchmarks with the spectre_v2 default mitigation on both VMX and SVM.

Spotlight

VMware is a California based company founded in 1998 that specializes in providing a platform for the virtualization of IT infrastructure. The company is known worldwide for the vSphere VMware Hypervisor which enables the virtualization of practically any x86 or x64 architecture. Since 1998, VMware’s growth has been unprecedented. It was acquired by EMC in 2004 (EMC was acquired by Dell in 2016), and since these acquisitions, many more products have been added to the VMware inventory. VMware now has a major presence in private data centers, cloud management services, virtualized storage and networking, as well as desktop software.


Other News
VMWARE

VMware Announces Settlement of Previously Disclosed Investigation by the Securities and Exchange Commission

VMware | September 16, 2022

VMware, Inc. announced that it has reached a settlement with the U.S. Securities and Exchange Commission (the “SEC”) to resolve a previously disclosed investigation related to the Company’s backlog disclosures in public filings for its 2019 and 2020 fiscal years, which ran from February 3, 2018 through January 31, 2020. Under the terms of the settlement, the Company has agreed to pay a civil monetary penalty of $8 million without admitting or denying the SEC’s findings, which relate to the Company's disclosures. The SEC’s findings do not include any findings that the Company failed to comply with generally accepted accounting principles. The SEC Staff has confirmed that it does not intend to recommend enforcement action against any current or former VMware officers or other member of management in connection with the investigation, and this settlement concludes the matter. VMware believes this settlement is the right course of action for the Company and continues to be committed to operating at the highest level of integrity, including with respect to its public filings and communications with investors. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More

VIRTUAL DESKTOP TOOLS

VNET Announces Changes to Leadership Team

VNET Group | September 26, 2022

VNET Group, Inc. a leading carrier- and cloud-neutral Internet data center services provider in China, today announced that Mr. Samuel Yuan-Ching Shen decided to resign from his positions as the Company's Chief Executive Officer and Executive Chairman of Retail IDC Business Group due to personal reasons, and he will remain with the Company as a senior advisor to the senior management. Mr. Jeff Dong, the Company's president, has been appointed to succeed Mr. Shen as the Company's Chief Executive Officer, effective immediately. "I would like to thank Samuel for his contributions and dedication to our success throughout his tenure. His leadership has been instrumental in driving value and growth for VNET. We look forward to his ongoing guidance in his new role as our senior advisor." Mr. Josh Sheng Chen, Founder and Chairman of VNET "Meanwhile, I am pleased to welcome Jeff to the executive leadership team. We are confident that Jeff's extensive industry insight and deep investment expertise, acquired over a long and illustrious professional career, will continue to drive our dual-core growth strategy and fuel our ongoing commitment to achieving sustainable growth and long-term shareholder value." Mr. Jeff Dong has served as president of the Company and chief executive officer of VNET Capital since June 2022. Prior to joining the Company, Mr. Dong served as the head of the real assets investment department of Taiping Capital Asset Management, a subsidiary of China Taiping Insurance Group, from June 2020 to June 2022. Mr. Dong has extensive experience in real assets investment in infrastructure, TMT and new energy sectors. Mr. Dong's related experience spans more than 15 years, including over a decade serving in various roles at China Investment Corporation, a sovereign wealth fund of China. Mr. Dong received his Ph.D. from Manchester Business School. About VNET VNET Group, Inc. is a leading carrier- and cloud-neutral Internet data center services provider in China. VNET provides hosting and related services, including IDC services, cloud services, and business VPN services to improve the reliability, security, and speed of its customers' internet infrastructure. Customers may locate their servers and equipment in VNET's data centers and connect to China's internet backbone. VNET operates in more than 30 cities throughout China, servicing a diversified and loyal base of over 6,500 hosting and related enterprise customers that span numerous industries ranging from internet companies to government entities and blue-chip enterprises to small- to mid-sized enterprises.

Read More

VPN

Veracode Launches Container Security Offering That Secures Cloud-Native Application Development

Veracode | October 11, 2022

Veracode, a leading global provider of application security testing solutions, today announced the enhancement of its Continuous Software Security Platform to include container security. This early access program for Veracode Container Security is now underway for existing customers. The new Veracode Container Security offering, designed to meet the needs of cloud-native software engineering teams, addresses vulnerability scanning, secure configuration, and secrets management requirements for container images. Veracode Chief Product Officer, Brian Roche, said, “As developers embrace cloud-native computing practices, containers have become increasingly important for business efficiency. This launch helps close a substantial gap in the market for developer-friendly solutions that cover critical capabilities for container security. We are excited to bring this next enhancement of our platform to the market and empower customers to address security testing for more modern architectures and deployment styles.” The Requirement for Container Security is Rapidly on the Rise Containers are increasingly used to simplify software deployment and runtime environment configuration management. They comprise small, fast, portable units of software in which code is packaged so that an application can be run quickly and reliably in different computing environments—from the desktop to the cloud. They provide an ecosystem of repositories, orchestration technologies, and capabilities that address related issues, such as service-to-service communication and configuration management. Instantiated in pipelines from code, containers have the benefit of immutability, meaning they are not updated, reconfigured or patched in production. Instead, the underlying image is updated with new capabilities and redeployed, helping to improve efficiency in the production environment. Despite the benefits of containers, they are affected by many of the same problems that traditionally plague physical production or virtual server hardware, such as vulnerabilities introduced through additional software, poorly managed secrets (like Amazon Web Services keys and credentials in Dockerfiles), and security misconfigurations. This has resulted in increased demand for products that address these issues and related problems, with the Global Container Security Market size expected to reach $3.9 billion by 2027*. Container security scanning analyzes container images against organizational or industry-specific standards to identify insecure processes, misconfigurations that could lead to a vulnerability, and inadequate authentication and access control. Veracode Container Security Integrates into the Developer Environment Many products already in the market are aimed at securing containers in runtime and offer limited support for developers, posing a major challenge for early remediation. Veracode’s solution instead integrates into the CI/CD (continuous integration and continuous delivery) pipeline and is available at the command line interface. Providing coverage for vulnerability detection and remediation, secrets management, and security configuration issues on the most popular operating systems, it delivers remediation advice to developers early in the software development life cycle so that insecure containers don’t ship to production. Veracode Container Security results are available in a variety of formats based on the user’s choice, including text, JSON (JavaScript Object Notation), and Software Bill of Materials (CycloneDX, SWID [Software Identification Tagging], or SPDX [Software Packaging Data Exchange]), making them easy to integrate with other tools. Providing developers and their teams with the tools to meet their specific needs means they can find and fix vulnerabilities early in the lifecycle, giving them confidence that their containerized application environment is secure. “Veracode Container Security will be instrumental for our developers to ensure that the workloads they deploy into our cloud are secure,” said the Director of Information Security at an automotive company. “Without this tool, it would take our team weeks to receive and action container results and these would only have been available in limited formats. Now, we’re excited to integrate findings into the pipeline before they even move into production, creating time and cost efficiencies for our business.” About Veracode Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

Read More

VPN

Kaspersky launches new VPN to amplify speed and convenience

Kaspersky | October 21, 2022

Today Kaspersky unveiled a new version of Kaspersky VPN Secure Connection, which introduces a dramatic 200% boost in VPN tunnel performance, compared to 2020. A split tunneling feature grants users the ability to prioritize secure connection traffic for certain services, while a VPN-for-routers capability automatically re-routes any connected device at home. Global VPN usage is on the rise, with the market set to reach a colossal $77.1 billion by 2026. This comes as no surprise, since installing a VPN provides a quick and easy way to improve security and prevent data from falling into the wrong hands. It does this by routing data through an encrypted tunnel, which hides the IP address and makes it look as though the connection has come from elsewhere. Alongside the performance increase, the updated Kaspersky VPN Secure Connection’s split tunnelling feature allows users to select exactly what traffic goes through the VPN. This will help to achieve better performance, letting the user prioritize high-bandwidth traffic, focus on data in sensitive apps and disable the VPN for other apps that might be reliant on location data. The geography of servers within Kaspersky VPN Secure Connection has also been greatly increased, now offering 86 locations across 68 regions. This lets users access a wider range of content on the biggest global streaming services, including Netflix, Hulu, Amazon Prime, HBO Max, Disney+ and BBC iPlayer. An intuitive new function of the VPN helps customers to pick the best location for a particular task by recommending the one that provides the best performance level for either streaming or torrenting. Additionally, the VPN for routers now allows all devices connected to home Wi-Fi to run through the VPN automatically, without having to setup each one individually. This feature is particularly useful for smart TVs, smart locks, and other smart home gadgets, on which a user cannot install a VPN directly, therefore providing uninterrupted privacy and security to these devices. “As people continue to work from home and spend more time online, an increased importance is placed on keeping their data private as well as securing connected home devices,To support consumers with their needs, we’ve invested a lot into improvement of our Kaspersky VPN. As a result, consumers can experience boosted VPN tunnel performance, with a 200% increase compared to 2020. The VPN also sees new features and better UX to ensure speed, privacy and high performance across all home devices.” Marina Titova, vice president, consumer product marketing at Kaspersky About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them.

Read More

Spotlight

VMware is a California based company founded in 1998 that specializes in providing a platform for the virtualization of IT infrastructure. The company is known worldwide for the vSphere VMware Hypervisor which enables the virtualization of practically any x86 or x64 architecture. Since 1998, VMware’s growth has been unprecedented. It was acquired by EMC in 2004 (EMC was acquired by Dell in 2016), and since these acquisitions, many more products have been added to the VMware inventory. VMware now has a major presence in private data centers, cloud management services, virtualized storage and networking, as well as desktop software.

Resources