Security Lags as Virtualization Picks Up…


I’ve just gone thru an interesting article about security and virtualization.

 

Chris Farrow, vice president of market strategy at Configuresoft says “Virtual networks have all of the security vulnerabilities of physical networks, plus some unique ones.”.

The unique one is the hypervisor layer from my PoV. Apart that nothing new regarding security!

You apply the same set of tools, techniques and appliances whether you protect physical or virtual machines.

 

William Jackson, the author of the article, says: “As with many technologies, virtualization’s features have outpaced security, and vendors are now trying to catch up.

And to catch up, security folks of any company should meet up with IT guys to modify existing ‘checklists’. Again nothing new to build up from scratch! 

 

 

There was no industry guidance on how to secure this technology,” Chris Farrow said.

Best to follow the existing rules, you secure the hosts and the guests as you would do for physical servers.

For example, no root access to the hosts but you SU in, disable telnet, use VLANs to contain virtual networks, install an AV, turn on built-in firewall, patch the OS, etc… This is known guidance, nothing new!

 

IBM says: “…securing a virtual world is not that difficult

True, don’t be fooled by all the buzz around virtualization.  It won’t break all our guidance and best practices, we just have to adapt them a bit.

 

The full article here

Advertisements

About PiroNet

Didier Pironet is an independent blogger and freelancer with +15 years of IT industry experience. Didier is also a former VMware inc. employee where he specialised in Datacenter and Cloud Infrastructure products as well as Infrastructure, Operations and IT Business Management products. Didier is passionate about technologies and he is found to be a creative and a visionary thinker, expressing with passion and excitement, hopefully inspiring and enrolling people to innovation and change.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s