Virtualization Security 101

Posted by Dasha Bushmakin on Jun 20, 2013

Virtualization Security 101

There are a few goals most companies have with virtualization:

* Ability to move VMs around to get optimal processing power.

* Better hardware utilization

* Faster scalability

* Identify security incidents, policy violations, fraudulent activities and operational problems.

* Optimize for performance

* Securing the hypervisor, the virtual machine and the virtualized network

* Understand the actions of others

Computer Environments

* In a private cloud, data from a confidential finance application might end up on the same hypervisor as something from sales.

* In a public cloud, it's possible your data could be sitting on the same server as that of your competitors.

A Few Tips

* Consider a public cloud, where you don't have any control at over who they hire to tend your data.

* Default settings for hypervisors should be inspected to make sure they are secure. If not configured, a hypervisor can easily become an attack point.

* Introduce virtualized infrastructure into existing change and configuration management programs.

* Make sure that patches are applied to protect against the latest vulnerabilities and that certificates are up to date.

* Monitor critical configuration files regularly.

Read Virtualization security 101 from Computerworld