-
-
Check out our applications -
subscribe to RSS
Get email updates every time we post!
Virtualization and the Security angles
http://rationalsecurity.typepad.com/blog/
I’ve been doing a bit of writing and speaking on panels recently on the topic of virtualization and the impact that it has across the entire spectrum of risk; I think it’s fairly clear to most that virtualization impacts all aspects of the computing landscape, from the client to the data center and ultimately how securing virtualization by virtualizing security is important.
Gartner just released an interesting article that says “Organizations That Rush to Adopt Virtualization Can Weaken Security.”  Despite the sensationalism that some people react to in the title, I think that the security issues they bring up are quite valid.
I’m glad to see that this study almost directly reflects the talking points that we’ve been puttering on about without any glaring omissions as it validates the problem space; it doesn’t take a rocket scientist to state the obvious, but I hope we get solutions to these problems quickly.
Very cool, when implementing virtualization as a platform, you should be covering the management, the on going support by that I mean delivery, as well as security, tools like BlueLane’s VirtualShield might handle the security patching etc, but what about systems inventory? Chargeback? Configuration of the ESX, who handles it, what access does the business team have to it, all the usual things, finally migration, do you fix the security of the boxes your virtualizing? If not, who goes back and retrospectively fixes the security?
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
Leave a Reply
Recent Posts
Categories
Recent Comments
- Data centers on Joining the cloud computing space
- Tom on BuildMyVirtual - our Self Service Virtualization Portal goes online for free download shortly
- scott Paradis on What's in a name - quite a lot you know
- martin237 on How to reboot the HP ILO/kick off a hung session
- Steve Khan on What's the ILO and how do I connect to it?
- Mahmoud Moataz on How to reboot the HP ILO/kick off a hung session
- ST2 on Virtual mobile handset please
- Allan on How to reboot the HP ILO/kick off a hung session
- Chris Rugh on Vendor engagement and real world opportunities
- Ray McLemore on HP Converged Infrastructure enhances trade capacity and execution
3 Comments
Exactly!
The interesting thing is that the list of issues the exist in the non-virtualized world multiply in the virtualized if only from the fact that you can spin up and entire new segment of “infrastructure” in minutes. Maintaining parity between policy and reality when these new systems is challenging.
If you spin up a VM based on an image a month old, as you allude to, how do you make sure it has all the elements (security of configuration) that corresponds to the current requirements (such as patches, etc.)?
The “management” pieces of the various VM architectures will surely play a part here, as will existing configuration management utilities, and I think that will get us to a point.
That’s why I raised the issue of how/when/where does one implement security in the system and how does one model the risk.
Lots of fun stuff coming…
And we at Blue Lane have even more coming….. Stay Tuned!
Greg
Be it a Virtual Guest OS or a Blade Altiris image…anything offline for a long period of time will not receive updates.
The key is the management & process surrounding it. Get that right and you are onto a winner, get it wrong and you are opening a can of worms.
I recently had a project to deliver 10 more blades, and the 3rd party put an image from August 06 as they have no Image Management Process…so I have had to bill overtime against the project, NOW they want a new BAU Project code to take my new image and deploy to remaining 9 servers.
What sort of value does this present to the Business?