As is the case when introducing any new technology it is important to have a strong understanding of how virtualization will impact your environment and all of the applications you are running. It is important to understand how virtualization may change your level or risk. For example, if the virtual server running a web site were compromised, could the attacker continue to compromise other virtual servers on the same host undetected by network intrusion detection? There are certainly ways to leverage virtualization without increasing risk, but it’s important to recognize these potential challenges and safeguard against them.
Below are a few security concerns and best practices to keep in mind as you virtualize your IT environment.
1) Ensure your software vendors provide full support for applications running within a virtualized environment - It’s best to figure this out before you move an application to a virtualized environment, instead of when you need help troubleshooting an issue, especially if the application in question is mission-critical. Talk with your vendors about support options, before making the switch.
2) Update your written security policies and procedures to account for virtualization - You will now have multiple virtual systems running on the same physical server using the same physical data storage, memory and peripheral hardware such as network interface controllers. You need to update your security requirements and policies to allow these resources to be shared in such a manner.
3) Always secure the host virtual machine - It's very important that the virtual server host operating system be locked down following the appropriate guidance for that operating system. For VMWare Infrastructure, for example, the guest Operating System is based on Linux, so it should be locked down in accordance with best practices and your corporate standards and requirements.
4) Institute appropriate access control - Since virtualization provides the opportunity to completely control a machine remotely, appropriate access control measures must be implemented to limit the risk of inadvertently shutting down, rebooting or deleting a machine. Filesystem permissions for virtual machine images also need to be stringent and consistently monitored and audited. Virtual server configuration settings such as network configuration settings should also be restricted.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.