The Virtualization Room

Jul 20 2007   3:30PM GMT

Virtualization security advice: Hypervisors, switches are vulnerable

Jan Stafford Jan Stafford Profile: Jan Stafford

Beware of hackers attacking virtual machines (VMs) via the hypervisor or virtual switch. These two avenues of attack will probably pose the most problems to IT security managers in virtualized data centers, Burton Group analyst Chris Wolf told me in a recent interview.

Here are some quick takes from that interview, offered as a heads-up about security and management issues one might face with virtual machines. At the end of this post, I’ve put in some links to other resources on virtualization security.

It’s not so easy to compromise each operating system (OS) living within VMs on a server; but an attack on the underlying hypervisor layer in a virtual environment wouldn’t be too hard to accomplish. Such an attack can take down or limit access to several VMs in one fell swoop, Wolf said. Even worse, the hacker could introduce his own virtual machine to a network without the administrative staff knowing about it.

There’s no silver bullet to protecting the hypervisor. The best practice is, of course, keeping it up to with patches and software updates.

As for virtual switches, Wolf said:

“Not every virtual switch provides the layer to isolation that it should in comparison to a physical switch. Hardware-assisted virtualization is starting to do a lot to provide more hardware-level isolation between virtual machines, but as of today you really have isolation on the address base-level, but no isolation currently in terms of memory, and that is something that is coming with forthcoming virtualization architectures.”

Chris Wolf offers more advice on data protection and server virtualization management in this webcast. (It requires registration.)

You’ll find more VM security tips in the article by SearchServerVirtualization.com resident expert Anil Desai on VM security best practices.

Ed Skoudis and Tom Liston give a detailed rundown on Thwarting VM Detection in this white paper. I found it in a post on Stephen R. Moore’s blog. Thanks, Stephen.

If you’ve had any problems with or can offer any advice on virtualization security, please sound off here, or write to me at jstafford@techtarget.com.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: