CIO Home | White Papers | Bloggers | Webcasts | Newsletters |

»

Virtualization

Virtualization Home

Newsletter Sign Up

Feature

Virtualization's Secret Security Threats

Hear what the U.S. National Security Agency thinks about the pros and cons of virtualization, inside and outside its IT department.

Leave a comment

By Galen Gruman

PAGE 3

A related concern is the hypervisor, the root layer that manages the VMs. If compromised, it could expose everything on the system. But McDowell is least worried about this scenario: "Hypervisors are very hard to write, and there are just three of them: Xen, Microsoft, and VMware," so there's not broad expertise for hackers to tap into, he said.

Leapfrog Effect

Citrix's Roemer noted that the NSA's risk examples are on the extreme side. "They're onto something there, but a lot of their needs greatly exceed that of other organizations, he said.

The NSA's Simard agreed, but noted that there's a leapfrog effect, in which the NSA and other government agencies sometimes are the first to come across a threat, and feed that experience to commercial companies to help them improve their products. The commercial companies take the issue a step further and end up having better options than the government, which then pushes the envelope in its usage and discovers new issues.

He sees this being very true in the virtualization world, where the feds were the first to see the technology as a security aid and then, more recently, as a new potential threat vector. "Hopefully, industry will learn from our worries," Simard said.

© IDG 2009

« previous page | 1 | 2 | 3

Comments

Print

LinkedIn

virtualization

More from IT Drilldown « Back to Virtualization

Articles

Open-Source Virtualization: Who's Biting?

Five Reasons the Google Chrome OS Will Flop

Why Chrome OS Will Fail -- Big Time

More Articles »

Blog Posts

Five Reasons Google Chrome OS Will Succeed

Cloud SLA: Another Point of View

Google's Cheap Cloud Storage: Worth the Price?

CASE STUDY

Disaster Can Inspire Quick Move to Desktop Virtualization

In the wake of a hurricane, a Texas hospital system's IT group overcame user reluctance to virtualize desktop PCs. Here's a look at their journey and the thorny little issue that Citrix just solved a few weeks ago: USB port support. Full Story »

More Case Studies »

Virtualization Vendor Matrix

Find out what vendors offer the products you need.

View the Vendor Matrix »

Virtualization MarketSpace

WHITE PAPERS

Removing Barriers To Better Server Virtualization Efficiency

IDC Q&A: The Mobile Workforce

Optimizing Information Insight: How to Make Fast, Reliable Decisions Based on Consolidated Information Encompassing All Your Data

Virtual PC Center Product and Technology Overview

The Benefits of Virtual PC Desktop with Telephony

Achieving Flexible Storage Scalability: The Case for Enterprise Modular Storage Arrays

Coping with SAN Storage Frustration Caused by Server Virtualization

Uncover the Benefits of Virtualization

The Business Value of Consolidating on Energy-Efficient Servers

Virtualization and the Midsize Organization: How much does it help?

Right-Sizing Your Power Infrastructure

Server Refresh Analysis

CIO eGuide: Inside the Next-Gen Data Center

How Desktop Virtualization Changes the Game for IT

Virtualization 2.0: The Desktop Revolution

Technology Guide to HP ProLiant G6 c-Class Server Blades

HP ProLiant BL460c G6 and SAP Benchmark Results

6th Generation ProLiant Servers

Double the Value of Virtualization

Clipper Group: HP Expands Server Toolkit with 6-Core AMD Opteron Processors

More White Papers »

SPONSORED LINKS

Removing Barriers To Better Server Virtualization Efficiency

Global Research: CIOs Weigh In On Virtualization

5 Key Virtualization Management Challenges

Upgrading to VMware vSphere with vWire

Maximizing website Return on Information with high-quality search

See how AT&T can help protect your network.

Webcast: Unleashing the Power of Customer Data

White Paper: Improve Agility with Operational Responsiveness

White Paper: Legacy Tools: Not Built for the Helpdesk

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game using iovation

Seven Design Requirements for Web 2.0 Threat Protection

Increase UPS efficiency without sacrificing protection.

Learn how advanced forecasting tools can deliver significant business results for global corporations.

Lower IT Costs with Oracle Database 11g Release 2

White Paper: Visibility and the New Normal of Mobile Work

Taking the Service Desk to the Next Level

Learn about The Information Technology Infrastructure Library.

Return on Information: Google Enterprise Search pays you back. Get the facts.

VMware. The source for Business Infrastructure Virtualization.

ShoreTel tells businesses to untangle from competitors' complexity and turn to its brilliantly simple UC solution

Top Five CIO Challenges

Read the RSA report: Security for Business Innovation

64-page prescriptive guide to security, compliance, and IT operations.

A Clear View Toward Virtualization

White Paper: Right-Sizing Your Power Infrastructure

Taking a Seat at the Executive Table: The Reality of Virtualization

Server Consolidation: Leveraging the Benefits of Virtualization

Return on Information: Google Enterprise Search pays you back

Cut Costs & Green Your IT Operations with PC Power Management

White Paper: 4 Customer Service Myths

White Paper: Managed Security for a Not-So-Secure World

White Paper: 5 Best Practices for Smartphone Support

White Paper: Next Generation Remote Infrastructure Management

Keeping Your Members Safe from Online Scams and Predators

The Total Economic Impact of Network Security Intrusion Prevention

Generation Remote Infrastructure Management - Changing the Paradigm

Cloud-Based Email Management: Opinion Shifts In Favor

eBook: How Can You Make Your People Productive Anywhere?

Achieving Business Agility with Application Grid

Ready to virtualize tier one applications? Check your virtualization maturity.

Seven Ways ITIL Can Help You in an Economic Downturn

Tips for successful virtualization management.

AT&T Synaptic Storage as a Service. Expand on demand

Trend Micro ranked #1 against real-world malware. Read more.

Webinar: Jump-start your in-house e-discovery with Ringtail QuickCull from FTI Technology

Streamline IT Costs. Boost Performance with WAN Optimization.

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

eZine: A Roadmap to Reducing IT Complexity

RESOURCE CENTER

© 1994 - 2009 CXO Media Inc.