Question

  Asked: Apr 18 2008   2:41 PM GMT
  Asked by: SearchServerVirtualization ATE


Virtualization security concerns in the data center


Virtualization, Virtualization security, Data Center

What are the key security implications of moving to virtualization in the data center?


Answer Wiki (Improve, edit or add to this answer)





When it comes to virtualization, the main security touch points are that when the OS and applications of a server are encapsulated in a file, it makes it easier to 'walk off' with, if you will, because all of a sudden, they are more portable. You need to ensure that the appropriate physical security controls are in place such that only authorized personnel have physical access to the VM hosts. Some other things to consider are your strategy for landing VM guests. That is, you should try to group related guests, such as those managed by the same group, together, as opposed to mixing and matching. This will also help when it comes to establishing SLAs and the like, which may differ. In addition, watch out for the open gate -- that is, access to VM guests over the network, such as through file shares, etc.


--------------------------------------------------------------------------------

A key security issue with configuration is to ensure that your vSwitches have promiscuous mode switched off. This is the default setting on ESX; however, ensure it stays that way. Physical access is an issue, as are admin rights.

Ensure low access to the physical location.

Give only permissions on the virtualisation product that are most restrictive. Keep a small list of people who know what is virtualised. A real hacker may want your VMs, but most are out to disrupt; what they don't know won't hurt them unless you advertise.
Don't put all your network cards in the same vSwitch; spread the load across vSwitches and port groups.

The best way to protect is to do as best practice says now: take care of everything in the most secure manner, from the perimeter through to shares, and you should do OK.

To be dead honest, nothing is secure from everyone, but if you do the best you can, people will move on to people who are not as careful and leave you alone.

hope this helps in some way
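
An added example (not part of the original answers): a drift check for the advice above that promiscuous mode should stay off on every vSwitch. It assumes you have captured, per vSwitch, text in the "Key: value" layout printed by `esxcli network vswitch standard policy security get -v <name>` on ESXi; the vSwitch names and sample text are constructed, and `parse_policy` and `audit` are hypothetical helper names.

```python
# Constructed sample captures, keyed by vSwitch name (an assumption, not
# output taken from the page). vSwitch2 lacks the promiscuous line on purpose.
SAMPLE = {
    "vSwitch0": "   Allow Promiscuous: false\n"
                "   Allow MAC Address Change: false\n"
                "   Allow Forged Transmits: false\n",
    "vSwitch1": "   Allow Promiscuous: true\n"
                "   Allow MAC Address Change: false\n"
                "   Allow Forged Transmits: false\n",
    "vSwitch2": "   Allow MAC Address Change: false\n"
                "   Allow Forged Transmits: false\n",
}


def parse_policy(text):
    """Turn 'Key: true|false' lines into a dict of booleans."""
    policy = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        value = value.strip().lower()
        if sep and value in ("true", "false"):
            policy[key.strip()] = value == "true"
    return policy


def audit(captures, key="Allow Promiscuous"):
    """Return (vswitch, status) for every vSwitch that is not provably off.

    A missing or unparseable setting is reported as UNKNOWN rather than
    assumed safe, so a failed capture cannot hide a changed default.
    """
    findings = []
    for name in sorted(captures):
        policy = parse_policy(captures[name])
        if key not in policy:
            findings.append((name, "UNKNOWN"))
        elif policy[key]:
            findings.append((name, "ENABLED"))
    return findings


if __name__ == "__main__":
    for name, status in audit(SAMPLE):
        print(f"{name}: promiscuous mode {status}")
```

Port groups can override the vSwitch-level policy, so the same check applies to each port group's security settings.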


Discuss This Answer



Anil Desai  |   Apr 21 2008  2:57PM GMT

There are some inherent security advantages related to virtualization: VMs are self-contained, isolated, operating systems that can be configured with limited network access. Most platforms allow you to create granular controls on which users and administrators can access and manage VMs. However, VMs do contain their own OS’s which must be properly managed. Apart from the standard tasks of keeping OS’s up-to-date, verifying security settings, etc. there are also some virtualization-specific security issues. The greatest security risks, in my opinion, come from a lack of management. I recommend creating an organized process for deploying new VMs and ensuring that IT has oversight over all resource usage. Organizations should put together policies for moving, copying, and uniquely tracking VMs. Virtualization-aware enterprise management software can help automate this for production deployments.

 

KevinBeaver  |   Apr 22 2008  6:13PM GMT

They can be a single point of failure. This is compounded by a lack of physical security and disaster recovery plan. Make sure you have both.