AKIBIA'S PRACTICAL GUIDE TO ENTERPRISE TECHNOLOGY
Friday, January 08, 2010
Ensuring Security in the Virtualized Environment
With virtualization more and more prevalent in your IT infrastructure, this is a good time to ensure your virtualized environment is meeting the same high standards for security that you have set for your non-virtual infrastructure.
Here are some things to keep in mind:
- Does your software vendor provide support when running in a virtual environment? Know the answer to this question before you deploy. You don’t want to find out your software is unsupported because you are running it on a virtual server when a problem arises.
- Update your written security policies and procedures to account for virtualization - You will now have multiple virtual systems running on the same physical server using the same physical data storage, memory and peripheral hardware such as network interface controllers. You need to update your security requirements and policies to allow these resources to be shared in such a manner.
- Always secure the host virtual machine - For VMWare Infrastructure the guest Operating System is based on Linux, so it should be locked down in accordance with best practices and your corporate standards and requirements.
- Build Virtual DMZ’s - For systems deemed to be safe for virtualization, the virtual servers that run together on the same hardware platform should share similar security requirements. Think of these systems as being together on a virtual DMZ network.
- Make network intrusion detection and prevention changes - If multiple virtual machines are using the same network interface cards, keep in mind the extra bandwidth that will be traversing that card.