Understanding Virtualization Best Security Practices
Introducing Virtualization Security Issues
However, because of the intermediary hypervisor layer resting between the virtual machine and its host physical hardware and
operating system, additional vulnerabilities may exist. Issues concerning accessibility and management also arise with the introduction of a virtualized environment, so security concerns are legitimate and must be addressed in order for companies to stay in control of their networks. Here are some virtualization best security practices that can help.
Image Credit: Wikimedia Commons/George Shuklin
Backup and Undo
Virtual resources need a backup strategy just as physical resources do. Companies willing to invest in virtualization should make sure that ample resources are acquired to backup and store backups of all virtual machines. Because of the multiple servers that now reside on a single disk or array, the failure of physical drives can be more catastrophic than ever before if a backup plan is not in place.
The “undo” function of many virtualization solutions makes it easy to roll back undesirable changes. However, when the roll back is performed, often days worth of data is lost as well as security patches and antivirus updates. If care is not exercised, the use of “undo” can introduce security vulnerabilities in systems that administrators think are updated and secure.
Limit Virtual Machine Propagation
In the virtualized environment, existing server images can quickly and easily be duplicated and new ones introduced. Without a system in place to track virtual machines in the enterprise, several undesirable effects can materialize.
First, unauthorized, rogue virtual machines can be created in the virtual space that can log and intercept network traffic, disseminate malware, or burden the physical layer running applications for hackers or employees.
Serious issues can also arise from the ability to clone virtualized servers. With just a click of a mouse, an entire server and its data can be uploaded to the Internet or downloaded to a physical drive and taken home. Proprietary information can easily be leaked to competitors or sold to the highest bidder, so companies should have a plan in place to control virtual server replication.
Of course, not all problems arising from cloning are malicious. For example, a staffer may be tempted to clone a server to increase capacity, forgetting to change IP addresses and other settings, creating conflicts on the network that can disrupt network access.
Another problem with a multiplying array of virtual servers is management. Accounting for all the servers in the data center and ensuring that they are all patched with the latest updates and fixes, and scanned for viruses can be daunting enough without the needless replication of virtual machines.
Finally, legal issues must be kept in mind. As software interests actively advertise on the radio and in print, inviting employees to anonymously report businesses that use unlicensed software, companies are at greater risk than ever for being caught in licensing violations. Sure, cloning virtual servers is a fast and easy way to bring new systems on line, but care must be taken to make sure the terms of use of the operating systems and applications are not violated.
Treat Virtual Servers Like Physical Servers
Best security practices have long been established for the safe operation of standard computer systems, so they can easily be applied to virtualized resources as well. Password policies, access rights, and event monitoring should be consistent throughout the network. Because of the ease with which virtual servers are created and implemented, some users may approach them more casually than they do physical servers.
Perhaps creating enforceable departmental policies and procedures and providing the necessary education to equip IT personnel for dealing with proper virtual management techniques are best virtualization security practices of them all.
