News Stay informed about the latest enterprise technology news and product updates.

Virtualization security: The dark side of the force

Thomas Ptacek writes about two ways virtualization complicates life for systems security people in his blog entry, Dark Reading on Virtualization Security.

First of all, he says, “you now face the spectre of guest-hopping attacks, which are vulnerabilities in your hypervisor that allow you to beat VM protection and gain access to other hosts. The driver for these attacks is that a hypervisor has to provide at least the illusion of a ‘ring 0’ for a guest operating system to run in.” Secondly, he adds: “If you’re on the same hardware as your target, you have significantly improved timing channels to pry encryption secrets out with.”

Fortunately, he has some ideas on how to handle these problems. So do the other writers for Matasano Chargen, a blog about information security.

Virtualization security is on our readers’ minds, too, and we’re answering their requests for advice. Check out Chris Wolf’s advice on virtual switch security on Virtual Server, VMware and XenExpress and the virtualization security series by Harley Stagner, in which he suggests ways to improve Microsoft Virtual Server security.

What aspect of virtualization security is bugging you? What should IT shops really be worried about?

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Jan: The issues of securing virtualized infrastructures are getting discussed with more frequency these days. From my standpoint, they are sprawl, mobility and complexity. The hypervisor layer is also a great point of leverage for the right kinds of security solutions... as well as hackers. Thx Greg Ness Blue Lane Technologies (vendor)
Cancel

-ADS BY GOOGLE

SearchVMware

SearchWindowsServer

SearchCloudComputing

SearchVirtualDesktop

SearchDataCenter

Close