What are the main virtualization security threats?

pcaulfield

What are the main security threats that should be considered with virtualization?

Answer this Question

Answers

2 total
kreiley
Vote Up (15)

 

Your biggest threats are mostly in virtual machines on top of the hypervisor.  I think the best thing you can do is follow vmware guidelines for hardening the platform itself.  

http://www.vmware.com/files/pdf/vi35_security_hardening_wp.pdf

 

jimlynch
Vote Up (12)

Here's an article that covers some of it:

Six common virtualization security risks and how to combat them
http://www.net-security.org/secworld.php?id=9023

"Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace, according to Gartner. Although they expect this figure to fall to 30 percent by the end of 2015, analysts warned that many virtualization deployment projects are being undertaken without involving the information security team in the initial architecture and planning stages.

Gartner research indicates that at the end of 2009, only 18 percent of enterprise data center workloads that could be virtualized had been virtualized; the number is expected to grow to more than 50 percent by the close of 2012. As more workloads are virtualized, as workloads of different trust levels are combined and as virtualized workloads become more mobile, the security issues associated with virtualization become more critical to address."

Ask a question

Join Now or Sign In to ask a question.
There's nothing Amazon can have that others can't try to take away, as today's VMworld event sees the introduction of the VMware Workplace Suite -- a combined platform to deploy and manage applications and desktops from the cloud to laptops, smartphones, tablets, or whatever.
VMware has assembled a package that combines its desktop virtualization software with its tools for managing mobile devices, giving administrators a unified suite to manage all of their end-users' application requirements.
Some of the tech industry's biggest and brightest companies, including Google and IBM, have taken to running software in containers, a kind of hyper-compressed way to package up an app and get it running at scale without relying on virtual machines or the software licenses to run and manage them. At the same time, buzz has been building around the OpenStack open source cloud project for years, with customers beginning to talk about replacing at least part of their VMware cloud infrastructure with free-as-in-beer code.
Dell, VMware, and Cumulus Networks intend to accelerate the adoption of network virtualisation and open networking in the software-defined datacentre with the launch of a joint solution at VMworld 2014.
McAfee, part of Intel Security, has made improvements to its Server Security Suites portfolio with the introduction of performance optimisation and additional management efficiency to increase security for servers in physical, virtualised and Cloud environments.
"Brave" is the current watchword for virtualization software giant VMware.
VMware wants to bring enterprise-class reliability to OpenStack by releasing a distribution of cloud hosting software that runs on top of the virtualization stack.
Citrix has updated its virtual desktop and appliance software with a goal of alleviating one of the biggest problems that come with a VDI deployment: Storage.
The latest version of Parallels Desktop brings a host of new features, including increased performance, better integration between guest and host OSes, and support for the forthcoming release of OS X Yosemite.
A year ago VMware laid out an ambitious plan, now it's time to hear the details.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness