Server virtualization security should be a top priority for every IT shop that maintains a virtual environment. Unfortunately, virtual server security hasn't moved to the front of most data centers' IT management agenda.
According to a 2010 Gartner Inc. report, 60% of all virtual machines (VMs) will be less secure than are their physical counterparts. The study also indicates that information security teams are sometimes excluded from the planning and architecture stages of virtualization projects. As a result, many data centers scramble to implement server virtualization security best practices after building their infrastructure. This retrofitting complicates an already-complex problem. After all, while there is overlap, server virtualization security tasks can differ from locking down physical machines, and they pose new challenges for IT staff.
This difference among environments highlights another common server virtualization security problem: Many system administrators lack the training to effectively protect a virtual environment. Virtualization can blur the roles and responsibilities of IT staff, so it's easy for a storage administrator, for example, to unknowingly compromise a virtual host attached to a storage area network.
For those new to server virtualization security, this virtual machine security guide provides articles, tips and blog posts on the benefits and pitfalls of different methods, as well as how to protect a virtual infrastructure from vulnerabilities, malware and unauthorized access.
This section offers an overview of server virtualization security best practices and the pros and cons of virtual environment protection.
Using virtualization to improve security
IT shops frequently move toward virtual infrastructure to save money on server hardware. But virtualization can also improve security by isolating unstable or compromised applications, creating cheaper intrusion detection tools and offering powerful forensic analysis capabilities. This tip provides an overview of server virtualization security and how it can fortify data centers.
Virtualization security benefits and drawbacks
Before deploying a virtualization environment, you need to understand how a virtual infrastructure affects data center security. Are the potential virtualization security benefits, such as isolation and abstraction, worth the risks of malware or a compromised physical host? This tip lays out the security-related pros and cons of implementing a virtual environment.
Server virtualization security issues require attention to detail
Securing a virtual environment doesn't have to differ dramatically from fortifying a traditional, physical infrastructure, but server virtualization security requires a few adjustments. This tip discusses some key caveats and requirements in successfully securing a virtual infrastructure.
Balancing virtual machine workloads to improve security and performance
Usually, virtualization administrators spread VM workloads across multiple hosts for performance reasons. But this practice also brings virtualization security benefits. This article outlines how using workload balancing methods that account for security zones can improve virtualization security and performance.
This was first published in May 2010