Q

Does automatic IP addressing carry any security implications?

Is automatic IP addressing a suitable option, or should network and security teams still manually assign IP addresses? Expert Brad Casey discusses.

We're beginning to integrate virtual servers into our on-site data center for the first time, and the virtualization...

team is pushing for auto-assigning of IP addresses, a task the network/security team previously handled. Are there any security implications (pro and con) from making this change?  

Ask the Expert!

Have questions about network security for expert Brad Casey? Send them via email today! (All questions are anonymous)

As in almost all things security related, the security implications of automatic IP addressing depend on a number of factors. First, what exactly is getting virtualized? Is the whole server infrastructure being virtualized? Is it only a partial effort, or will it be a staggered approach that results in a gradual virtualization? If it's only a partial effort, which servers will be virtualized?

I'm biased in favor of having the network/security team in charge of all IP addressing, whether it be DHCP or statically assigned IP addresses. Eventually, every network/security team should have a grasp (if they don't have it already) of the overall picture in terms of the network topology, network policies, the current security posture and so on, meaning they are the most knowledgeable candidates to handle IP addressing.

The only pro I can see in favor of allowing the virtualization team to handle automatic IP addressing is that they would most likely have a better handle on what virtual IPs exist within the network. Still, halfway competent network/security teams should eventually gain a good grasp on virtual IPs too. So, the network/security team maintaining IP addressing responsibilities just makes more sense.

This was last published in April 2013

Dig Deeper on Network Protocols and Security

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close