For many people in IT, the road to cloud computing has one huge roadblock: security concerns. To get to the cloud, you’ve got to first get beyond all your security questions. And to do that, you’ve got to “get to know” your cloud.
One place where this can begin is at the hardware level. That’s where you can establish the integrity of the server and use that knowledge to create trusted compute pools. Like the concrete footers on a house, trusted compute pools provide a foundation for a secure environment.
So how do you go about creating this foundation? A good first step is to watch a new Intel video on YouTube. This video, “Securing a Cloud Infrastructure with Intel, HyTrust and VMware,” walks you through the process of configuration, policy creation, and implementation of a trusted compute environment.
The demonstration is based on an Intel® Cloud Builders reference architecture that was put into action in a lab setting. In the demo, we established a five-server configuration and then activated Intel® Trusted Executive Technology (Intel® TXT) on four VMware vSphere* hosts.
We configured one of the hosts as a management server, and then created three virtual machines on the server, with the following roles:
- Infrastructure server
- VMware vCenter* Server
- HyTrust* Appliance
After we configured these VMs, we used VMware vCenter Server to create a VMware vSphere cluster with the three remaining hosts. We then used the HyTrust Appliance to set up a trusted compute pool consisting of two of the three servers in the cluster. We left the third server untrusted so we could demonstrate how HyTrust Appliance can garner platform trust status, use that for defining security policies, and then enforce those policies.
Along with the step-by-step demonstration, this video offers some great tips for building a trusted compute platform. So if you’re thinking about a cloud, you’ll definitely want to tune in to this video. It gives you a fast and easy way to see how you can get to know more about your cloud infrastructure, and then use that information to better protect your critical data and workloads.
For a deeper dive: