Securing Your Virtual Servers – Part Two

Article by Steve Mallard (12,177 pts), published Oct 19, 2009

In Part One of securing your virtual servers, management software was listed as a key component in protecting your network and virtualized servers. Monitoring the data flow between these servers is critical. IT departments cannot forget about these guest operating systems.

Part Two

In Part One of securing your virtual servers, management software was listed as a key component in protecting your network and virtualized servers. Monitoring the data flow between these servers is critical. Forgetting to protect these servers is one of the risks the IT department has to worry about. The VM server becomes one of the most complex applications on any physical server.

Isolating Virtual Environment

Isolation of your virtual environment is critical in protecting your network. The IT department should put virtual servers on separate networks in order to manage the virtualized server environment. It is critical to restrict access to a key team (the virtualization team) so the servers are managed and not forgotten. This separation protects the entire network in the event of any type of malicious activity. Separating your management and security control plane allows you to communicate with your servers. The suggestion in Part One to monitor data flowing in and out reinforces this point.

Stay up to Date

Protection must also be considered in both trusted and untrusted environments. If you elect to place a virtual machine in your DMZ (demilitarized zone), industry compliance (e.g. PCI, the Payment Card Industry standard) has to be taken into account. PCI standards continue to evolve annually and become more complex. ISO 17799 and 27001 in the information technology industry can play a role in how you deploy your virtualized servers. Security compliance must be adhered to.

Introducing a virtual computer into the DMZ increases the chance of an improperly configured server. A technician could easily place the wrong NIC (Network Interface Card) in the wrong trust zone, creating a vulnerability. This also increases the chance of a breach or hack threefold. These servers require a deeper security analysis that covers both the application layers and the databases that reside on these servers.

Audit

With all virtualization, information systems/technology managers need to perform a security audit quarterly. The audit ensures that data is traveling to security applications and that data in and out is being monitored, and it maps out which physical hosts have resident virtual machines. This type of audit needs to be added to the security and compliance policies your organization should already have in place.

The audits should also make sure that automatic patching and updates for the operating systems and applications are taking place. Any machine that is left offline for any period of time can easily miss these updates and pose a threat to your network when it is brought back online. All IT professionals know that leaving any workstation or server offline for any amount of time makes it a threat to your network. Patches and updates are released daily for operating systems and applications.
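
The audit checks described above, as an added example that is not part of the original article: it maps physical hosts to their resident virtual machines, flags NICs attached outside a VM's intended trust zone, and flags machines whose last patch is older than a threshold. The inventory records, field names, host names and the 30-day threshold are constructed assumptions; a real audit would read this data from your virtualization management software.

```python
from collections import defaultdict
from datetime import date

# Constructed sample inventory (hypothetical field names and values).
INVENTORY = [
    {"vm": "web01", "host": "esx-a", "zone": "dmz", "nics": ["dmz"],
     "powered_on": True, "last_patched": date(2009, 10, 12)},
    {"vm": "db01", "host": "esx-a", "zone": "internal",
     "nics": ["internal", "dmz"],
     "powered_on": True, "last_patched": date(2009, 10, 10)},
    {"vm": "test07", "host": "esx-b", "zone": "internal", "nics": ["internal"],
     "powered_on": False, "last_patched": date(2009, 6, 1)},
    {"vm": "mgmt01", "host": "esx-b", "zone": "management",
     "nics": ["management"],
     "powered_on": True, "last_patched": date(2009, 10, 15)},
]


def audit(inventory, today, max_patch_age_days=30):
    """Return (host -> resident VMs, list of findings).

    max_patch_age_days is an assumed policy value, not one from the article.
    """
    hosts = defaultdict(list)
    findings = []
    for vm in inventory:
        # Map which physical hosts have resident virtual machines.
        hosts[vm["host"]].append(vm["vm"])

        # A NIC attached to a network outside the VM's intended trust zone.
        stray = sorted(set(vm["nics"]) - {vm["zone"]})
        if stray:
            findings.append((vm["vm"], "nic-outside-zone", ",".join(stray)))

        # Machines that missed updates; offline ones are called out separately
        # because they become a threat when brought back online.
        age = (today - vm["last_patched"]).days
        if age > max_patch_age_days:
            kind = "stale-online" if vm["powered_on"] else "stale-offline"
            findings.append((vm["vm"], kind, f"{age} days since last patch"))
    return dict(hosts), findings


if __name__ == "__main__":
    host_map, issues = audit(INVENTORY, today=date(2009, 10, 19))
    for host, vms in sorted(host_map.items()):
        print(f"{host}: {', '.join(vms)}")
    for vm, kind, detail in issues:
        print(f"[{kind}] {vm}: {detail}")
```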
