Feature

Three hypervisor and virtual environment security concerns

Many IT professionals worry about virtual environment security, concerned that malicious code and malware may spread between workloads. Virtualization abstracts applications from the physical server hardware running underneath, which allows the servers to run multiple workloads simultaneously and share some system resources. Though the

    Requires Free Membership to View

security threats are very real, modern feature sets now offer better protection, and the type of hypervisor you choose to deploy can also make a big difference. Admins should understand hypervisor vulnerabilities and the current concepts used to maintain security on virtual servers, as well as ways to minimize the hypervisor's system footprint and thus the potential attack surface.

Planning security based on the type of hypervisor

Given that Type 1 and Type 2 hypervisors deploy in your environment differently and interact differently with your infrastructure components, it follows that you would also secure each hypervisor using different techniques. Moreover, it's often easier to code Type 1, or bare-metal, hypervisors, and they also provide better native VM security than Type 2 hypervisors, which must share data between the host and guest OSes.

Staying secure with thin hypervisors

Thin hypervisors are stripped-down, OS-independent hypervisors. With minimal software and computing overhead, they limit the number of ways malicious code can intrude. Deployment is also simpler with thin hypervisors, and you won't need to patch them as often as bare-metal versions. Just be sure any software installed includes digital signatures to ensure malware doesn't make its way into the system.

Getting to know the latest hypervisor security features

Firewall and Active Directory integration, auditing and software acceptance features are just some of the ways today's hypervisors offer enhanced security. But these features will only benefit your infrastructure when deployed correctly. Installing only essential system roles, for example, will minimize the OS footprint and attack surface. In addition, strong logon credentials will help ensure that admin and management tools remain secure. Isolating management traffic also minimizes the potential for hackers to access important data.


This was first published in August 2013

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: