Home > Security Tips > Network Security Tactics > How to build security into a virtualized server environment
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

NETWORK SECURITY TACTICS

How to build security into a virtualized server environment


Thomas Ptacek, Contributor
06.17.2008
Rating: -4.27- (out of 5)


Network Security Tactics
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


Virtual machines are to today's enterprises what VLAN switching was in the '90s: a transformative technology that simplifies IT, so compelling that it promises to become ubiquitous in a short period of time.

Unfortunately, there's no such thing as a free lunch. Enterprise security teams largely ignored the security implications of VLANs. Today, as a result, penetration-testing teams can often break into a receptionist's desktop computer, for example, and get a clean shot at mainframes and storage networks.

How can the industry avoid the same mistakes with virtualization? By tracking virtualization technology as it evolves, and thinking like an attacker. In this tip, we'll cover ways to proactively build security into a virtual server environment.

Server virtualization requires new thinking
First off, stop thinking about virtual machines the way they're currently used. The technology is widely deployed today, but tomorrow it will be universal. New applications simply aren't going to be deployed on physical hardware; soon nearly all application servers will be managed from a virtualization console.

Look at that architecture the way an attacker would: Virtualization controls every application in the enterprise. Therefore, virtualization infrastructure is the most valua



ble target on the network. It's the first thing they're going to go after.

Using policy and technology
Next, remember an iron law of IT security: no matter what policies and controls are in place, some machines will be compromised. Plan for it.

Before virtual machines, those compromised systems gave attackers access to the internal network. With virtual machines, not only do they get access to the network, but also any attached virtualization infrastructure, putting all virtualized systems -- and the data they contain -- at risk.

The most important challenge in virtualization security is to prevent that access from being a "game-over" threat that surrenders every other virtual machine in the enterprise. How can that be accomplished? Here are some tactics:

About the author:
Thomas Ptacek boasts more 10 years of product development and security research experience prior to founding consultancy Matasano Security. Thomas has owned technical operations at Chicago's most popular ISP, authored Insertion, Evasion, and Denial of Service, a landmark paper which broke every shipping intrusion detection product on the market, and at Arbor Networks led the development of a security product deployed on the backbone of virtually every tier-one ISP worldwide.


Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




BROWSE BY TAG
Network Security Tactics,   VLAN Security Management,   NAC and Endpoint Security Management,   Enterprise Network Security,   Application and Platform Security,   Virtualization Security Issues and Threats,   Wireless Network Security: Setup and Tools,   Wireless LAN Design and Setup,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Network Security Tactics
Screencast: Samurai offers pen-testing nirvana
Firewall rule management best practices
Chained Exploits: How to prevent phishing attacks from corporate spies
Rootkit Hunter demo: Detect and remove Linux rootkits
Enterprise UTM security: The best threat management solution?
Making the case for network security configuration management
An inside look at security log management forensics investigations
How to find sensitive information on the endpoint
How to perform Microsoft Baseline Security Analyzer (MBSA) scans
How to spot attacks through Apache Web server log analysis

VLAN Security Management
Cloud, virtualization servers pose challenges for PCI compliance
How should service providers address VoIP security issues and threats?
How to secure servers when implementing internal network applications
Microsoft NAP-TNC compatibility won't speed adoption, users say
Hackers have knack for beating NAC systems
NAC helps aerospace firm's network blast off
Network Access Control Learning Guide
Using VLANs to compartmentalize WLAN traffic
RSA Conference 2006
Popular VLAN attacks and how to avoid them

Virtualization Security Issues and Threats
Virtual appliances boost flexibility, improve security
Lack of cloud computing definition adds confusion, risk
Three cloud computing risks to consider
App service cloud could boost security, manageability
Kodak CISO on virtualization, compliance
Face-off: Assessing cloud computing risks
Citrix virtual desktop, app delivery controller includes security benefits
Who should secure virtual IT environments?
Who should secure virtual IT environments? (Part 2)
Trend Micro to acquire Third Brigade for virtualization, cloud security

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
VLAN hopping  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
More Security Resources for Resellers, VARs and OEMs
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts