Last Day to Save $200 on SANS Cyber Defense San Diego 2014

Los Alamos National Laboratory Wins National Cybersecurity Innovation Award for Leap Forward in Cloud Security

Los Alamos National Laboratory Wins National Cybersecurity Innovation Award for Leap Forward in Cloud Security

Infrastructure on Demand - Award-Winning Secure Cloud Initiatives in Government

Anil Karmel, Los Alamos National Laboratory, U.S. Department of Energy; receives a National Cybersecurity Innovation Award with White House Cyber Coordinator, Howard Schmidt, at the National Cybersecurity Innovation Conference in Washington DC.

WASHINGTON DC, October 31, 2011

The SANS Institute announced today that Los Alamos National Laboratory has won the 2011 U.S. National Cybersecurity Innovation Award for their innovative use of vShield and other defense tools that represent a breakthrough model for securing virtual computing and private cloud deployments.

As federal agencies and commercial organizations move quickly to take advantage of cloud computing, they are also concerned about the increasing risk of cyber-attacks. A large fraction of these cloud computing initiatives rely on VMware to manage the virtual computers which are deployed in the cloud environment. VMware has been pushing for its customers to shift toward the vShield architecture which offers ways to use built-in application firewalls through what's known as vShield Zones, or to use vShield App, the hypervisor-based application-aware firewall for the virtual data center. The vShield App uses application-aware firewalling installed on the vSphere host to control and monitor all network traffic on the host.

Los Alamos National Laboratory was able to use vShield to create the Infrastructure on Demand cloud platform featuring inventive cloud security and automation architecture. They have deployed a private cloud that allows their organization to offer infrastructure as a service to Los Alamos researchers. Los Alamos has cut a 30-day server provisioning process down to 30 minutes, and in its first six months, the service was used to provision more than 700 virtual machines.

Key features of the Infrastructure on Demand program includes:

  • Automated provisioning of workloads into secure enterprise enclaves.
  • Mapping physical security into a virtual security model using VMware vShield.
  • Employing automated remediation features to offline non-compliant workloads.
  • Extension of a private cloud security framework.

Los Alamos National Laboratory wins the 2011 National Cybersecurity Innovation Award for improving the security of cloud computing and virtual systems.

About the National Cybersecurity Innovation Awards

The National Cybersecurity Innovation Awards recognize developments undertaken by companies and government agencies that have developed and deployed innovative processes or technologies that (1) is innovative in that it has not been deployed effectively before, (2) can show a significant impact on reducing cyber risk, (3) can be scaled quickly to serve large numbers of people, and (4) should be adopted quickly by many other organizations. Nominators for the include most of the senior government officials involved with cybersecurity as well as those from the major Cybersecurity Information Sharing and Analysis Centers (ISACs). Corporations and individuals, including SANS instructors also nominated innovations. Each nomination was tested by SANS research department against the criteria; those that met *all* four were recognized. More than 50 nominations were received; 14 were selected.

About SANS

Established in 1989 as a cooperative research and education organization, SANS' programs reach more than 400,000 security professionals, auditors, system administrators, and network administrators who share the lessons they are learning and jointly find solutions to the challenges they face. At the heart of SANS are the many security practitioners in government agencies, corporations and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. (

For more information:
Alan Paller,, (301) 951-0102 x108