Security Concerns May Slow Virtualization

Using virtualized servers has many advantages: better utilization of hardware, reduced energy consumption, smaller data centers, and so on. Security, however, is a major concern and can slow adoption even more than other issues like virtual server sprawl and patch management.

One concern is that a vulnerability in the hypervisor, which controls the multiple virtual instances, could be exploited to give an attacker access to multiple virtual instances. While the concern is real, we haven't seen a viable exploit yet, according to some of those quoted in a Network World article on virtualization:

“To my knowledge, there has never been a hack that has allowed a security problem to propagate from one virtual host to another by way of the hypervisor technology,” says Steve Ross, a consultant with Catapult Systems, which is helping logistics provider Transplace in Plano, Texas, deploy and maintain its VMware virtual environments.

“It could happen, and the attacker or breach could hop from [virtual machine] to [virtual machine], but I have yet to see it as a functional exploit out there today,” adds Tim Antonowicz, systems engineer at Bowdoin College in Brunswick, Maine.

But others still point out that hypervisors present another attack surface:


“Virtualization is essentially a new operating system, which is something that hasn’t been done for a long time, and it enables an intimate interaction between underlying hardware and the environment,” says Rich Ptak, founder and principal analyst at Ptak, Noel and Associates. “The potential for messing things up is significant.”

We need to strike the right balance with virtualization. To get the benefits, we need to segregate applications and data so that similar classes run on the same physical server or cluster. Less critical systems can be run in virtual environments while we get used to patching and securing virtualized servers. This way we get experience with the technology while reducing the risk should the hypervisor be exploited. Keeping virtualized servers separated on untrusted network segments can also help contain any potential breach.

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net