Comments on: Does virtualization subvert security? http://itknowledgeexchange.techtarget.com/server-virtualization/does-virtualization-subvert-security/ A SearchServerVirtualization.com blog Mon, 22 Mar 2010 12:10:59 +0000 http://wordpress.org/?v=2.6.2 By: Hezi Moore http://itknowledgeexchange.techtarget.com/server-virtualization/does-virtualization-subvert-security/#comment-1291 Hezi Moore Tue, 06 Nov 2007 02:36:19 +0000 http://servervirtualization.blogs.techtarget.com/2007/10/25/does-virtualization-decrease-security/#comment-1291 The virtualization layer defiantly does not enhance a VM's security. Assuming the hypervisor is 100 percent secure (which is not achievable especially when the hypervisor keeps changing) both the virtual machine and the physical machine will have the same security level if the network environment is not considered. The security level of a server is also dependent on the environment and most people erroneously ignore this when evaluating the server's security level. For example, a virtual server will be more vulnerable for DOS attacks. Also the visibility inside a virtual network is limited and therefore places the entire virtual network at risk. In the case of a DOS attack the virtual switch and the virtual NIC will also be under attack, thus impacting the performance of the entire virtual environment. In the case of limited visibility, a malicious event can traverse the virtual network without being detected. In conclusion, a virtual server is more vulnerable for network attacks. Virtual network visibility is also a key requirement for security. A solution like VSA (Virtual Security Appliance) from Reflex Security can help administrators protect internal virtual networks. This solution can provide visibility inside virtual environments and can also protect the virtual network and VMs against internal or external attacks. The virtualization layer defiantly does not enhance a VM’s security. Assuming the hypervisor is 100 percent secure (which is not achievable especially when the hypervisor keeps changing) both the virtual machine and the physical machine will have the same security level if the network environment is not considered.

The security level of a server is also dependent on the environment and most people erroneously ignore this when evaluating the server’s security level. For example, a virtual server will be more vulnerable for DOS attacks. Also the visibility inside a virtual network is limited and therefore places the entire virtual network at risk. In the case of a DOS attack the virtual switch and the virtual NIC will also be under attack, thus impacting the performance of the entire virtual environment. In the case of limited visibility, a malicious event can traverse the virtual network without being detected.

In conclusion, a virtual server is more vulnerable for network attacks. Virtual network visibility is also a key requirement for security. A solution like VSA (Virtual Security Appliance) from Reflex Security can help administrators protect internal virtual networks. This solution can provide visibility inside virtual environments and can also protect the virtual network and VMs against internal or external attacks.

]]> By: Rick Vanover http://itknowledgeexchange.techtarget.com/server-virtualization/does-virtualization-subvert-security/#comment-1290 Rick Vanover Mon, 05 Nov 2007 13:58:20 +0000 http://servervirtualization.blogs.techtarget.com/2007/10/25/does-virtualization-decrease-security/#comment-1290 In my opinion, from a purely academic point of view, virtualization does not increase security. I'm not saying that it decreases or subverts, but it inherently does not increase security. I think certain applications, namely those where DMZ or Internet hosts are put on the same virtual host systems that run internal systems - while concurrently using traditional physical boxes and network devices, there is the risk of additional 'paths' to the internal network. There would also be increased risk of erroneous cabling and a mis-configuration that would lessen security. But, virtualization will be not be slowed by this (barring perpetual outbreaks, of course). So, the key will be to manage the technology more correctly to ensure these risks do not materialize. In my opinion, from a purely academic point of view, virtualization does not increase security. I’m not saying that it decreases or subverts, but it inherently does not increase security. I think certain applications, namely those where DMZ or Internet hosts are put on the same virtual host systems that run internal systems - while concurrently using traditional physical boxes and network devices, there is the risk of additional ‘paths’ to the internal network. There would also be increased risk of erroneous cabling and a mis-configuration that would lessen security.

But, virtualization will be not be slowed by this (barring perpetual outbreaks, of course). So, the key will be to manage the technology more correctly to ensure these risks do not materialize.

]]> By: Greg Ness http://itknowledgeexchange.techtarget.com/server-virtualization/does-virtualization-subvert-security/#comment-1289 Greg Ness Mon, 29 Oct 2007 22:55:26 +0000 http://servervirtualization.blogs.techtarget.com/2007/10/25/does-virtualization-decrease-security/#comment-1289 Virtualization and Security (or virtsec) It really isn't useful to argue about whether virtualization makes security worse or better. It clearly introduces new security requirements. Whether that's better or worse will depend on how well the security team understands the changes and what they do about them. Virtualization introduces the opportunity for improved security in the data center but teams will need to know how to deliver on the promise. VMs are very mobile by nature and can change state, etc. They are a different animal to secure than a physical server; yet they can be secured via the hypervisor layer. Thanks Greg Virtualization and Security (or virtsec)

It really isn’t useful to argue about whether virtualization makes security worse or better. It clearly introduces new security requirements. Whether that’s better or worse will depend on how well the security team understands the changes and what they do about them. Virtualization introduces the opportunity for improved security in the data center but teams will need to know how to deliver on the promise. VMs are very mobile by nature and can change state, etc. They are a different animal to secure than a physical server; yet they can be secured via the hypervisor layer.

Thanks
Greg

]]>