Security management, compliance and the cloud

Forrester Research analyzes the past, present and future of security information vendors and products Network/Systems Management Alert NetworkWorld.com | Network Management Research Center | Update Your Profile Sponsored by Network Instruments Performance Monitoring in Virtualized Environments Monitoring and maintaining virtual environments is a new challenge for network pros. Monitoring network and app traffic in an environment containing one-to-many relationships between virtual hosts and virtual machines presents concerns. This paper presents visibility options and their ramifications, and outlines new technology allowing visibility into external and internal traffic in a virtual environment. Spotlight Story Security management, compliance and the cloud By Denise Dubie SIM technology drew in enterprise security managers looking to reduce the noise among multiple security devices distributed in large environments, but lost some ground when IDS and IPS technology gained intelligence. Now cloud providers could get into the security management game. Read full story Denise Dubie is senior editor with Network World. Related News: How we tested security information management tools We brought all of the products into the production computing environment of a small multinational with six locations in five countries and ran them over the course of four months. Our environment consisted of a distributed range of devices including Linux machines (RedHat and SUSE), Microsoft Windows 2003 systems, VMware ESX servers, Cisco routers, switches (Cisco and HP), intrusion-detection systems, VPN devices (Cisco and Juniper), and firewalls (Cisco PIX and ASA models). PCI security standard gets flayed at House hearing The PCI standard, long touted as one of the private sector's best attempts to regulate itself on data security, is increasingly showing signs of coming apart at the seams. The legal implications of cloud security The legal implications of cloud security are wide ranging and potentially daunting - and there are no easy answers. Cloud security will supplant patching, says report author Patching alone will never solve the long-running headache of insecure software, the author of the influential Laws of Vulnerability 2.0 report has said. Eucalyptus cloud targets enterprise users The makers of Eucalyptus, the Linux-based open source cloud computing platform that now ships with Ubuntu, are targeting enterprise cloud computing with the launch of Eucalyptus Systems Inc. May Giveaways Cisco Subnet, Microsoft Subnet and Google Subnet are collectively giving away books on Google Apps Deciphered, the CCNA Security exam, an awesome SQL Server 2005/2008 training video and the grand prize, a Microsoft training course from New Horizons worth up to $2,500. Deadline for entries May 31. Network World on Twitter Get our tweets and stay plugged in to networking news. Evolution of Ethernet From 3Mbps over shared coax to 40/100Gbps over fiber…and beyond. Apple iPhoneys: The 4G edition iPhone enthusiasts from around the Web offer their visions for the next-gen iPhone. Sponsored by Network Instruments Performance Monitoring in Virtualized Environments Monitoring and maintaining virtual environments is a new challenge for network pros. Monitoring network and app traffic in an environment containing one-to-many relationships between virtual hosts and virtual machines presents concerns. This paper presents visibility options and their ramifications, and outlines new technology allowing visibility into external and internal traffic in a virtual environment. Network World's IT Resource Library Whether you're looking to gear up on one specific topic or you're trying to stay current on several areas, Network World's resource library has what you're looking for. Our comprehensive collection of resources will make your job easier. Visit Now DNS news and tips DNS is not secure and is extremely vulnerable. DNS is at the core of every connection we make on the Internet. While some servers are indeed vulnerable, because of inadequate management or knowledge, the real threat is from the protocol itself and how data is easily subverted or faked as it moves around the internet. Receive the latest DNS news and tips   05/13/09 Today's most-read stories: Microsoft: Corporate Vista testers should switch to Win 7 RC Inside a data leak audit PoE without the PoE switch Implications of proposed Cybersecurity Act of 2009, Part 1 Windows Mobile 6.5: me-too all over the place Purported BlackBerry 'Onyx' photos surface Data center 10G whets switching companies' appetites Cloud security demands greater scrutiny, Forrester says 4chan users trigger DDoS attack ... on 4chan Bill would turn Internet flamers into felons Network World on Twitter: Get our tweets and stay plugged in to networking news Everybody says "Do more with less!" But no one tells you how. We will and it costs nothing to find out at IT Roadmap Conference and Expo. Coming to 10 cities in 09. Register now, attend free Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now   This email was sent to security.world@gmail.com Complimentary Subscriptions Available for newsletter subscribers. Receive 50 issues of Network World Magazines, in print or electronic format, free of charge, Apply here. Terms of Service/Privacy   Subscription Services Update your profile To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Unsubscribe Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701 Copyright Network World, Inc., 2009 www.networkworld.com