Virtualisation: why it matters
Virtualisation allows the virtual machines running applications to be divorced from their physical environment. Such machines provide an isolated ‘sandbox’ for running applications, with Hypervisor processes managing multiple virtual machines on each physical machine. This separation of functionality from location allows superior management and a pooling of resources, with the ability to meet workloads on demand.
Let’s be clear that virtualisation technology isn’t merely applicable to server applications within a Data Centre – it applies across the enterprise, be it within storage, the network or at the desktop.
Complexity breeds insecurity
Using virtualisation technologies causes the complexity of computing environments to mushroom. As we all know only too well, additional complexity breeds insecurity. With recent virtualisation technologies evolving from mainframe origins to the standard server and desktop market space, its widespread application is still relatively new.
Full security analysis of many of the vendor offerings reveals large areas of unexplored code in which potential flaws could be lurking. In the words of former US defence secretary Donald Rumsfeld, this is a ‘known unknown’ since the lack of live deployments has resulted in little testing (until recently, that is).
One of the great benefits of virtualisation is the pooling of resources, and an ability to redeploy virtual machines ‘on the fly’. These machines really can be deployed instantly and shuffled around the infrastructure in much the same manner as you would transfer files. Managing change and introducing security within this mix, though, can be an incredibly complex procedure.
Attacks on virtualised systems have so far been few and far between. That said, the number of installed systems is set to double by 2012, while evidence of concept attacks is already in existence. Attacks on virtual systems can come from an extension of older forms of attack (such as Denial of Service, buffer overflows, spyware and Trojans… all of which are prone to lurk beneath guest operating systems). In addition, new and specific attacks include those from worms, guest hopping, Hypervisor malware and Hyperjacking, all involving the Hypervisor itself being exploited.
Existing security measures
Existing security technologies typically revolve around static and IP-based controls (be they firewalls, Virtual LANs, etc). However, with the erosion of technology tied to a particular location, the tracking of IP or static-based identifiers is no longer sufficient. Indeed, most network and admission control technologies aren’t virtualisation aware.
In addition, IT audit and compliance processes are now far more complex undertakings. What happens with offline or dormant virtual machines? They still need to be patched and reviewed on a timely basis. The only question is: ‘How?’
With potential attacks first compromising one virtual machine and then spreading to others, each needs to be protected with secure policies configured and adapted as necessary. Here, existing vendor tools can be used in the partitioning, isolating and segmentation of each virtual machine with resource management controls to allocate, schedule, monitor and cap resources as required.
Monitoring the enterprise
Where existing tools fall short is in their ability to monitor the whole enterprise, integrate with other tools and keep track of (and detect) virtual machines to limit their spread.
Detection tools are required to scan virtual machines and spot any malicious code or vulnerabilities. Again, with reference to some of the newer Hyperjacking-type attacks, control of inter-virtual data needs to be monitored, and any suspicious traffic reported and/or escalated. Communications between virtual components must be safeguarded with built-in encryption, digital signatures and hardware-based root certificates provided by technologies such as the Trusted Computing initiative TPM (Trusted Platform Module).
In essence, the old adage of combined layers of complementary countermeasures applies, protecting the physical devices, the Hypervisors and virtual machines.
David Frith is senior consultant at Siemens Enterprise Communications (www.enterprise-communications.siemens.com)
Virtualisation: why it matters
Virtualisation allows the virtual machines running applications to be divorced from their physical environment. Such machines provide an isolated ‘sandbox’ […]
IFSEC Insider
IFSEC Insider | Security and Fire News and Resources