Virtual Environments Security

June 16, 2010

What is Virtualization?

Virtualization permits the consolidation of hardware by allowing multiple “virtual” machines to run on one physical machine. Although the virtual machines are hosted by a single entity, each virtual machine has its own operating system and applications.

There are three types of virtualization:

  • Network virtualization
  • Server virtualization
  • Storage virtualization

Benefits of Virtualization

When properly deployed, virtualization platforms can meet high-priority IT objectives including:

  • Server consolidation
  • IT automation
  • Self-service server provisioning
  • Disaster recovery
  • Capacity management
  • Performance and scalability
  • Process improvement

Challenges of Virtualization Security

A virtualized environment is subject to the same security risks as physical systems. To minimize risk, it is necessary to have the same security measures in place that you would on a physical machine, including:

  • Antivirus, antispyware, intrusion detection, and other protection for every virtual machine in the virtual infrastructure
  • Up-to-date security measures and application of appropriate patches
  • Keeping track of updates for dormant virtual machines that are powered off

Best Practices for Virtual Environment Security

  • Hardening – System hardening helps minimize security risks by performing a series of actions such as installing anti-virus and updated security patches to secure the platform.
  • Configuration and Change Management – As virtual environments are characteristically the same as physical environments, it is important to make sure the system has been set up correctly and maintains a secure configuration standard.
  • Administrative Access Control – Maintain separation of administrative duties and limit privileges to prevent accidental or malicious access to the hypervisor.
  • Network Security – Network security is essential. Machines that process protected information should be isolated so that data is not accessed through other machines. Virtual security devices such as virtual firewalls and virtual IDS/IPS should be in place.
  • Audit Logging – Audit logging is critical to managing the security of any environment, physical or virtual. It provides the ability to track and monitor activities within IT systems.

For a more detailed article and additional resources visit www.trustcc.com and click on our Information Center tab and Compliance Resources.

– TrustCC


