Virtualization security concerns in the data center

Tags:
Data Center
Virtualization
Virtualization security
What are the key security implications of moving to virtualization in the data center?

Answer Wiki

Thanks. We'll let you know when a new response is added.

When it comes to virtualization, the main security touch points are that when the OS and applications of a server are encapsulated in a file, it makes it easier to ‘walk off’ with, if you will, becauase all of a sudden, they are more portable. You need to ensure that the appropriate physical security controls are in place such that only authorized personnel have physical access to the VM hosts. Some other things to consider are your strategy for landing VM guests. That is, you should try to group related, such as those managed by the same group together, as opposed to mixing and matching. This will also help when it comes to establishing SLAs and the like, which may differ. In addition, watch out for the open gate — that is access to VM guests over the network such as through file shares, etc.

——————————————————————————–

Key security issue with configuration is ensure that your Vswitches have promiscuous mode switched off, this is default setting on ESX however ensure it stays that way, physical access is an issue as is admin rights.

ensure low access to physical location,

give only permissions on virtualisation product that at most restricive. keep a small list of people that know what is virtualised, a real hacker may want your vm’s but most are out to disrupt, what they dont know wont hurt them unless you advertise.
dont put all your network cards in the same Vswitch, spread the load accross Vswitches and port groups.

the best way to protect is to do as best practise says now, take take of everything in the most secure manner, from the perimeter through to shares and you should do ok.

to be dead honest nothing is secure from everyone but if you do the best you can people will move on to poeple who are not as carefull and leave you alone.

hope this helps in some way

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Anil Desai
    There are some inherent security advantages related to virtualization: VMs are self-contained, isolated, operating systems that can be configured with limited network access. Most platforms allow you to create granular controls on which users and administrators can access and manage VMs. However, VMs do contain their own OS's which must be properly managed. Apart from the standard tasks of keeping OS's up-to-date, verifying security settings, etc. there are also some virtualization-specific security issues. The greatest security risks, in my opinion, come from a lack of management. I recommend creating an organized process for deploying new VMs and ensuring that IT has oversight over all resource usage. Organizations should put together policies for moving, copying, and uniquely tracking VMs. Virtualization-aware enterprise management software can help automate this for production deployments.
    765 pointsBadges:
    report
  • Kevin Beaver
    They can be a single point of failure. This is compounded by a lack of physical security and disaster recovery plan. Make sure you have both.
    16,610 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following