The world's largest dedicated security company, McAfee, Inc., unveiled today the industry's first service designed to help organizations securely deploy virtualization technologies. McAfee(R) Foundstone(R) Professional Services also outlined a set of security guidelines covering people, processes and technology to educate enterprises adopting virtualization technologies, as part of its strategy to provide the most complete solution for secure virtualization.
McAfee Foundstone Professional Services helps enterprises create, deploy and maintain virtual infrastructure with the highest possible security. Foundstone consultants help identify and mitigate the risk to a virtual infrastructure by reviewing the people, processes and technology surrounding this virtual deployment. Because it can deliver significant business benefits for customers: reducing capital and operating expenses, assuring business continuity, strengthening security, and going green, Virtualization is generating global momentum.
However, the security implications of adding virtual machines to a corporate environment also need careful consideration. Only 12 percent said they had put strategies in place to protect their virtual machines, in a 2007 InformationWeek survey of IT professionals.
Just as with physical systems, IT organizations using virtualization technologies must focus on people, processes and technological considerations associated with securing their operations. Some of the items enterprises need take note of when deploying virtualization technologies include:
-
Data protection. Just as with physical systems, users should consider what data will be stored on virtual systems. A breach may expose organizations to a disclosure threat. Virtual disks are typically stored on the host in an unprotected format, so encryption and strong access controls should be considered where appropriate.
-
Management controls need to be protected. Many virtual machine (VM) management Web consoles come with self-signed SSL certificates that should be replaced with certificates issued by trusted third parties, to prevent man-in-the-middle attacks. Also, just as with physical environments, organizations should understand the risk of exposing management interfaces to the Internet, or even extended populations of their own user base. The impact of management traffic being intercepted could be significant.
-
It is important to consider what access users have with respect to the host. To manage such provisioning and authorization it may be wise to create and designate new roles including virtual machine (VM) administrators, VM authors and VM users.
-
Administrators must understand the nuances and possible attacks on the systems they are deploying. While this is true in physical environments as well, virtualization technology has its own unique characteristics that add or change the attack surface. These must be understood given its role in the infrastructure.
-
Hardware or firmware changes on a physical machine could affect confidentiality, integrity and availability of the virtual machines running on that machine. On a similar note, tried and tested patch management techniques in use today may have to be augmented to deal with virtualized infrastructures. Organizations need to track what software, including applications, is installed on their physical and virtual systems and keep up with patches, including the virtualization software itself
-
Asset and inventory management. Organizations and administrators must always maintain control of the number of licenses in use especially as virtual machines are created, retired or duplicated.
-
Contingency planning and disaster recovery strategies can be optimized to gain significant synergies from virtualization deployments.
Home
Contact Us
