Feature

Audit and Improve Virtual Server Security: Five Tips

Bad physical networking decisions. Unpatched systems. Too much access to virtual server management consoles. These and other problems can degrade the security of your virtual servers. If you're ready to improve virtual server security, consider this five-step checklist as a start.

By Carol Sliwa


Consider this five-step checklist when securing a virtual server environment:

1. Conduct a full risk assessment to understand how resources have been separated and aggregated.

"Don't forget what you've learned about risk management and configuration," advises Pete Lindstrom, an analyst at Burton Group. "There's not a whole lot that has changed drastically, except it's sort of mind-expanding to consider the notion that a physical host has an entire network segment sitting inside it. That means you need to evaluate the configurations of the virtual machines themselves. Do that the same way you do any other configuration audit."

2. Validate the process for creating, deploying, managing and making changes to virtual machines.

This is particularly important now that steps such as procuring hardware, loading the operating system, testing and arranging for rack space are no longer required, says John Pescatore, an analyst at Gartner.

"It's very important that virtual machines don't necessarily belong to one group within an organization," adds Standard Insurance's Love. "From a security standpoint, it helps having a dialog with the people administering the systems and the network group to understand what's changing in the virtual environment."

Citing an example of a potential problem, he adds, "You could have a virtual machine come up and be taken offline before you run your scans."

3. Securely configure the virtualization layer and keep patches up to date.

"Read the hardening guidelines as a starting point to develop a baseline and then audit against that to ensure the security of the virtualization layer hasn't drifted," advises Neil MacDonald, an analyst at Gartner. Tools from vendors such as Configuresoft and Tripwire can help with configuration, MacDonald says.

4. Secure the internal virtual switch inside the virtual server. Weigh the need for additional controls such as a virtual firewall or virtualized intrusion protection system.

"You have to pay attention to how your VMs are communicating with each other and with the outside world, and that means through the virtual switch infrastructure on the physical box," said Lindstrom. "You have to pay attention to the configuration of those switches and the movement of traffic and the accessibility to that traffic, from VM to VM and from VM to external devices."

5. Exert tight controls on access to the service console and management tools.

You want to thoughtfully control access to consoles and tools such as VMware's VMotion and Virtual Center, and their equivalents in other environments. Best practice calls for management tools to run on a separate network.
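The gap Love describes in step 2, a virtual machine that comes up and is taken offline before scans run, can be found by comparing hypervisor power events with scan windows. The Python below is an added example, not part of the original article; the event format, VM names, timestamps and the 30-minute minimum overlap are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the article): hypervisor power events
# as (vm, event, timestamp) and vulnerability-scan windows as (start, end).
EVENTS = [
    ("web01", "on", "2024-03-01T00:00"),
    ("build-tmp", "on", "2024-03-02T09:00"),
    ("build-tmp", "off", "2024-03-02T17:00"),
    ("db02", "on", "2024-03-03T08:00"),
    ("db02", "off", "2024-03-03T23:30"),
    ("db02", "on", "2024-03-05T06:00"),
]
SCANS = [
    ("2024-03-01T22:00", "2024-03-02T02:00"),
    ("2024-03-03T22:00", "2024-03-04T02:00"),
]
AUDIT_END = "2024-03-06T00:00"

def _ts(stamp):
    return datetime.fromisoformat(stamp)

def power_intervals(events, audit_end):
    """Pair on/off events per VM into (start, end) spans; running VMs end at audit_end."""
    open_since, intervals = {}, {}
    for vm, event, stamp in sorted(events, key=lambda e: _ts(e[2])):
        if event == "on":
            open_since.setdefault(vm, _ts(stamp))  # ignore a duplicate "on"
        elif event == "off" and vm in open_since:
            intervals.setdefault(vm, []).append((open_since.pop(vm), _ts(stamp)))
    for vm, start in open_since.items():
        intervals.setdefault(vm, []).append((start, _ts(audit_end)))
    return intervals

def scan_gaps(events, scans, audit_end, min_overlap=timedelta(minutes=30)):
    """Return {vm: [spans]} for powered-on spans that no scan window overlapped long enough."""
    windows = [(_ts(a), _ts(b)) for a, b in scans]
    gaps = {}
    for vm, spans in power_intervals(events, audit_end).items():
        for start, end in spans:
            covered = any(
                min(end, w_end) - max(start, w_start) >= min_overlap
                for w_start, w_end in windows)
            if not covered:
                gaps.setdefault(vm, []).append((start, end))
    return gaps

if __name__ == "__main__":
    for vm, spans in scan_gaps(EVENTS, SCANS, AUDIT_END).items():
        print(vm, [(s.isoformat(), e.isoformat()) for s, e in spans])
```

A span flagged for a VM that is still running means it has not been scanned since its last power-on, which is worth reviewing because the image may have changed while it was offline.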
