• RSS
  • Twitter
  • FaceBook

Virtualization Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Hypervisor security

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [General Virtualization Topics] >> Server Virtualization >> Hypervisor security Page: [1]
Login
Message << Older Topic   Newer Topic >>
Hypervisor security - 30.Nov.2010 2:25:13 AM   
Scott Lowe

 

Posts: 444
Joined: 13.May2010
Status: offline
The topic of hypervisor security has garnered a lot of interest as organizations struggle to deal with virtual server sprawl. It's become very easy to push a few buttons and deploy dozens of new virtual servers, each one of which can be an point of entry into the organization. Worse, hypervisors themselves can be attacked if not properly secured.

What steps, if any, are you taking in your organization to address the issue of security in your virtual environment?

Scott
Post #: 1
RE: Hypervisor security - 30.Jun.2011 11:33:57 AM   
georgec

 

Posts: 28
Joined: 16.Nov.2010
Status: offline
I think the first step in securing Virtualized environments is to put in place a good VM management policy to avoid VM sprawl. A good policy/procedure is one that is revised on regular basis between IT people and Data/service owners.

(in reply to Scott Lowe)
Post #: 2
RE: Hypervisor security - 30.Jun.2011 11:51:15 PM   
Scott Lowe

 

Posts: 444
Joined: 13.May2010
Status: offline
What steps do you recommend that people take to avoid VM sprawl? Do you have specific policy pointers you might share?

Scott

(in reply to georgec)
Post #: 3
RE: Hypervisor security - 1.Jul.2011 11:51:33 AM   
georgec

 

Posts: 28
Joined: 16.Nov.2010
Status: offline
I recall one important element of the VM policy document that stated that users (data owners) requesting new VMs had to specify the expected lifetime of the VM. When this expires the IT staff was instructed to verify with the user and get confirmation from his/her immediate superior to justify another time slot, otherwise the VM is backed up and terminated.

Every environment has its own restrictions but a good practice is to set up a policy based on the resources available and business priorities.

(in reply to Scott Lowe)
Post #: 4
RE: Hypervisor security - 31.Jul.2011 6:01:59 PM   
Scott Lowe

 

Posts: 444
Joined: 13.May2010
Status: offline
George,

Good points all. Taming virtual machine sprawl is even more important now that VMware has instituted new licensing policies that actively punish customers for overallocating RAM whether it's due to creating an unnecessary VM or creating a VM with too much RAM.

Scott

(in reply to georgec)
Post #: 5
RE: Hypervisor security - 11.Aug.2011 12:06:30 PM   
georgec

 

Posts: 28
Joined: 16.Nov.2010
Status: offline
Hi Scott,
quote:

new licensing policies that actively punish customers for overallocating RAM


I don't know on what basis VMware decided to go for this new licensing model but it seems that they want to make more money out of VM sprawl and the usersí negligence or inability to control it! Without knowing much details of the new licensing model, I would comment against it as I think itís inappropriate to have a vendor determining a baseline for memory usage and then charge users against that baseline. I might agree with this model if VMware reduces considerably the initial licensing costs!

(in reply to Scott Lowe)
Post #: 6
RE: Hypervisor security - 25.Oct.2011 3:37:35 PM   
atc

 

Posts: 66
Joined: 19.Oct.2011
Status: offline
I am new to this forum.

This thread is old but the topic I believe is an important one.  Hope there will be more discussion on this subject.

For me, this is particular important when the hypervisor is hosting virtual desktops.

VMware seems to have new features for security in vSphere 5.

(in reply to Scott Lowe)
Post #: 7
RE: Hypervisor security - 27.Oct.2011 11:52:40 PM   
Scott Lowe

 

Posts: 444
Joined: 13.May2010
Status: offline
George,

Exactly! All VMware really did with this was eliminate core count as a licensing limitation and replace it with a more volatile RAM count. There is no value add for the customer... just more out of pocket.

Scott

(in reply to georgec)
Post #: 8
RE: Hypervisor security - 9.Dec.2011 4:08:57 PM   
atc

 

Posts: 66
Joined: 19.Oct.2011
Status: offline
We need to have a different mentality when it comes to security on a virtualized environment.

For example, in the traditional model, we put 802.1X on the desktop so that user can provide their credential in order to access the network.

If using host based VDI and dumb terminal, 802.1X is not as useful.

The parameter and access point has changed and we need to look into where in the network that we need to put security check points to guard the data center.

(in reply to Scott Lowe)
Post #: 9
RE: Hypervisor security - 4.Jan.2012 6:30:43 AM   
mountainman

 

Posts: 37
Joined: 9.Dec.2011
Status: offline
quote:

hypervisor security has
Hypervisors are light weighted, unbelievably fast, extensible Benefits of Hyper-V pluggable for our personal computers.

_____________________________

Dell Virtualization is used to centralize administrative tasks, improve scalability and work loads. Dell Server Virtualization | Dell cloud storage

(in reply to atc)
Post #: 10
RE: Hypervisor security - 14.Jan.2012 3:32:01 AM   
xxzy

 

Posts: 5
Joined: 13.Jan.2012
Status: offline
A good policy/procedure is one that is revised on regular basis between IT people and Data/service owners.

WOW Gold
Buy Tera Gold
cheap tera gold

(in reply to mountainman)
Post #: 11
RE: Hypervisor security - 2.Jan.2015 8:08:06 AM   
ingilizcekursu

 

Posts: 1
Joined: 2.Jan.2015
Status: offline
thank you

ingilizce kursu

(in reply to xxzy)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [General Virtualization Topics] >> Server Virtualization >> Hypervisor security Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts



Receive all the latest articles by email!

Receive Real-Time & Monthly VirtualizationAdmin.com article updates in your mailbox. Enter your email below!

Become a VirtualizationAdmin.com member!

Discuss all your Virtualization issues with thousands of other experts. Click here to join!