Virtualization Security

In simple terms, virtualization software allows you to run multiple operating systems on a single machine at the same time. Virtualization technology is gaining popularity due to the benefits it offers in terms of reduced costs and increased operational efficiency and flexibility. However, this technology introduces a virtualization layer that itself becomes a potential avenue of attack for the virtual services being hosted. Because a single host system can house multiple virtual machines, the security of that host becomes critical in maintaining the confidentiality, integrity and availability of your systems and data.

In our experience this immature technology is often poorly understood, and rarely implemented correctly in enterprise environments without jeopardising the organizations security posture. There are a number of security considerations which differ from the physical world, including but not limited to:

• network architecture
• zones of trust, network segmentation, and access control
• virtual switches and networking
• virtual appliances
• mobile servers
• patch application and management
• intrusion detection and prevention
• definition of roles and responsibilities
• storage