One of the biggest buzzwords in the IT industry for the past few years, virtualization has matured into a practical requirement for many best-practice business scenarios, becoming an invaluable tool for security professionals at companies of every size. In addition to saving time and other resources, virtualization affords unprecedented means for intrusion and malware detection, prevention, recovery, and analysis. Taking a practical approach in a growing market underserved by books, this hands-on title is the first to combine in one place the most important and sought-after uses of virtualization for enhanced security, including sandboxing, disaster recovery and high availability, forensic analysis, and honeypotting.
Already gaining buzz and traction in actual usage at an impressive rate, Gartner research indicates that virtualization will be the most significant trend in IT infrastructure and operations over the next four years. A recent report by IT research firm IDC predicts the virtualization services market will grow from $5.5 billion in 2006 to $11.7 billion in 2011. With this growth in adoption, becoming increasingly common even for small and midsize businesses, security is becoming a much more serious concern, both in terms of how to secure virtualization and how virtualization can serve critical security objectives.
Titles exist and are on the way to fill the need for securing virtualization, but security professionals do not yet have a book outlining the many security applications of virtualization that will become increasingly important in their job requirements. This book is the first to fill that need, covering tactics such as isolating a virtual environment on the desktop for application testing, creating virtualized storage solutions for immediate disaster recovery and high availability across a network, migrating physical systems to virtual systems for analysis, and creating complete virtual syst
* The first book to collect a comprehensive set of all virtualization security tools and strategies in a single volume
* Covers all major virtualization platforms, including market leader VMware, Xen, and Microsoft's Hyper-V virtualization platform, a new part of Windows Server 2008 releasing in June 2008
* Breadth of coverage appeals to a wide range of security professionals, including administrators, researchers, consultants, and forensic
System administrators, security professionals, cyber crime and digital forensic investigators, security researchers, and security
Table of Contents
Chapter 1: Introduction to Virtualization for Security
Chapter 2: Sandboxing
Chapter 3: Disaster Recovery and High Availability
Chapter 4: Forensic Analysis
Chapter 5: Honeypotting
Chapter 6: Securing Virtualization AUDIENCE
John Hoopes, Senior Consultant for Verisign, is a graduate of the University of Utah. John's professional background includes an operational/support role on many diverse platforms, including IBM AS/400, IBM Mainframe (OS/390 and Z-Series), AIX, Solaris, Windows, and Linux. John's security expertise focuses on application testing with an emphasis in reverse engineering and protocol analysis. Before becoming a consultant, John was an application security testing lead for IBM, with responsibilities including secure service deployment, external service delivery, and tool development. John has also been responsible for the training and mentoring of team members in network penetration testing and vulnerability assessment. As a consultant, John has lead the delivery of security engagements for clients in the retail, transportation, telecommunication, and banking sectors.