|
You are in essence putting more eggs into a single basket. For example, if you have many servers and consolidate them with virtualization, your virtual machines will now be sharing a single network interface (perhaps several, but most likely each virtual machine will not have its own NIC). This has implications when it comes to layer-two network security. If a server is spamming the network with a bot attack, it is no longer a good idea to simply turn off the offending port because that could affect several VMs that share that port. This same scenario applies to blade servers.
Other security implications include back retention policies on the SAN. If the SAN is backed up on a regular basis, are you aware of what data on the SAN actually needs to be backed up? Can that data safely be backed up unencrypted? These are things to consider.
|
