Q

Where do I start in discussing virtual security with my customers?

Learn about the architectural and security ramifications of virtualization and discover how to discuss virtual security with your customers. To ensure virtual security, work with your customers to address policies, procedures and responsibilities across server administration, network and security teams before you start deployments.

Virtualization has profound architectural and security ramifications. Where do I start in discussing virtual security with my customers?
Virtualization offers fantastic solutions to many of the economic and technology-driven problems that enterprises and small business alike share today. The thought of consolidating expensive and underutilized computing and storage platforms to reduce footprint, power and cooling costs, and improve resilience is tantalizing to any CIO or CFO.

The challenge arises when the network and security teams discover that they've lost a good deal of the security visibility and operational control they once had, since both the network and hosts are virtualized on a single platform operated by the server administrators. This makes compliance, competencies and separation of duties trickier.

To ensure virtual security, work with your customers to address policies, procedures and responsibilities across server administration, network and security teams before you start deployments. This will limit the operational impact of virtualization.

Further, virtualization adds complexity that extends beyond management and provisioning, and changes the attack surface of your server and workstation deployments. Until security technology catches up with the virtualization vendors and tools become better integrated with the underlying virtualization infrastructure, recommend the following basic virtual security guidance to your customers:

  • Follow the virtualization vendor's virtualization security hardening recommendations, paying strict attention to management and security settings.
  • Harden virtual hosts by using the same processes, procedures and technologies you would employ on a physical server.
  • Isolate virtual hosts in physically or logically segmented networks to prevent attackers from leapfrogging to traditionally secured physical hosts until you are comfortable with the impact virtualization has on security and networking.
  • Group virtual machines that interact with one another on the same host using properly allocated virtual switch(es) to optimize performance and security.
  • Perform a risk assessment that demonstrates clearly that the business understands what consolidating critical service infrastructure means to service levels, availability, business continuity planning and disaster recovery.
  • Take into consideration that licensing models for security applications are still evolving in the virtualized world.

The best discussion to have with clients about virtualization is how to balance the business benefits with the potential operational, architectural and security changes, and be honest about how that will impact the organization.

This was first published in April 2008
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close