|
Virtualization changes the game for enterprise IT, but security doesn't have to be a barrier to implementation.
Five years from now, few enterprises will use "real" computers. Everything done with databases, Web applications or file shares will be intercepted and emulated by virtualization software, allowing one rack-mount server to act like 10.
Virtualization is inescapable; it's the most important new force in enterprise IT since IP networks.
A security professional could be forgiven for feeling a lingering sense of dread about the implications of this trend. On internal networks, virtualization is redrawing the map, taking servers and applications that were once separated by hardware and network filtering and cramming them onto the same blade server. No change that far-reaching could come without security challenges, and the products we're using to make those changes aren't even 10 years old.
The good news is that virtualization is a win for enterprise security. Patching, staging, deployment and change management--chronic headaches for IT security--get easier in virtualized data centers. The bad news is, before virtualization solves those problems for us, we've got challenges to overcome. In no particular order, here are five do's and don'ts for avoiding virtualization pitfalls.
| 
