Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fluffy’s Safe Right? If you want to limit a user’s functionality, don’t make them an administrator.

Similar presentations


Presentation on theme: "Fluffy’s Safe Right? If you want to limit a user’s functionality, don’t make them an administrator."— Presentation transcript:

1

2

3

4

5

6

7

8

9

10 Fluffy’s Safe Right?

11 If you want to limit a user’s functionality, don’t make them an administrator.

12

13 BILLION DOLLAR/EURO LAPTOP PROBLEM Europe Organizations +72,000 laptops lost ~1.79 Billion Euros United States Organizations +86,000 laptops ~2.1 Billion Dollars

14 HIPAA Breach: Stolen Hard Drives March 2012: Large Medical Provider in Tennessee paying $1.5 million to the US Dept. Health & Human Services Theft of 57 hard drives that contained protected health information (ePHI) for over 1 million individuals Secured by: Security Patrols Biometric scanner Keycard scanner Magnetic locks Keyed locks “71% of health care organizations have suffered at least one data breach within the last year” -Study by Veriphyr

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37 Parent Partition Virtualization Service Providers (VSPs) Windows Kernel Server Core Virtualization Stack Device Drivers Hypervisor VM Worker Processes VMMS Service WMI Provider Virtual Machines Kernel Mode User Mode Virtualization Service Clients (VSCs) OS Kernel EnlightenmentsVMBus Guest Applications Provided by: Windows ISV Hyper-V APICMMU CPU Storage NIC VID Kernel Mode User Mode

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65 Physical NIC Root Partition Extensible Switch Extension Protocol Extension Miniport Host NIC VM NIC VM1 VM NIC VM2  Capture extensions can inspect traffic and generate new traffic for report purposes  Capture extensions do not modify existing Extensible Switch traffic  Example: sflow by inMon  Windows Filter Platform (WFP) Extensions can inspect, drop, modify, and insert packets using WFP APIs  Windows Antivirus and Firewall software uses WFP for traffic filtering  Example: Virtual Firewall by 5NINE Software  Forwarding extensions direct traffic, defining the destination(s) of each packet  Forwarding extensions can capture and filter traffic  Examples: – Cisco Nexus 1000V and UCS – NEC ProgrammableFlow's vPFS OpenFlow Capture Extensions (NDIS) Windows Filter Platform (WFP) Forwarding Extensions Forwarding Extensions (NDIS) Filtering Engine BFE Service Firewall Callout

66

67

68

69

70 IPsec Task Offload: Microsoft expects deployment of Internet Protocol security (IPsec) to increase significantly in the coming years. The large demands placed on the CPU by the IPsec integrity and encryption algorithms can reduce the performance of your network connections. IPsec Task Offload is a technology built into the Windows operating system that moves this workload from the main computer's CPU to a dedicated processor on the network adapter. SR-IOV is a specification that allows a PCIe device to appear to be multiple separate physical PCIe devices. The SR-IOV specification was created and is maintained by the PCI SIG, with the idea that a standard specification will help promote interoperability. SR-IOV works by introducing the idea of physical functions (PFs) and virtual functions (VFs). Physical functions (PFs) are full-featured PCIe functions; virtual functions (VFs) are “lightweight” functions that lack configuration resources. Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88 Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.

89

90


Download ppt "Fluffy’s Safe Right? If you want to limit a user’s functionality, don’t make them an administrator."

Similar presentations


Ads by Google