NETWORK SECURITY TACTICS
How to build security into a virtualized server environment
Thomas Ptacek, Contributor
06.17.2008
Rating: -4.27- (out of 5)
|
Virtual machines are to today's enterprises what VLAN switching was in the '90s: a transformative technology that simplifies IT, so compelling that it promises to become ubiquitous in a short period of time.
Unfortunately, there's no such thing as a free lunch. Enterprise security teams largely ignored the security implications of VLANs. Today, as a result, penetration-testing teams can often break into a receptionist's desktop computer, for example, and get a clean shot at mainframes and storage networks.
How can the industry avoid the same mistakes with virtualization? By tracking virtualization technology as it evolves, and thinking like an attacker. In this tip, we'll cover ways to proactively build security into a virtual server environment.
Server virtualization requires new thinking
First off, stop thinking about virtual machines the way they're currently used. The technology is widely deployed today, but tomorrow it will be universal. New applications simply aren't going to be deployed on physical hardware; soon nearly all application servers will be managed from a virtualization console.
Look at that architecture the way an attacker would: Virtualization controls every application in the enterprise. Therefore, virtualization infrastructure is the most valua
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
ble target on the network. It's the first thing they're going to go after.
Using policy and technology
Next, remember an iron law of IT security: no matter what policies and controls are in place, some machines will be compromised. Plan for it.
Before virtual machines, those compromised systems gave attackers access to the internal network. With virtual machines, not only do they get access to the network, but also any attached virtualization infrastructure, putting all virtualized systems -- and the data they contain -- at risk.
The most important challenge in virtualization security is to prevent that access from being a "game-over" threat that surrenders every other virtual machine in the enterprise. How can that be accomplished? Here are some tactics:
About the author:
Thomas Ptacek boasts more 10 years of product development and security research experience prior to founding consultancy Matasano Security. Thomas has owned technical operations at Chicago's most popular ISP, authored Insertion, Evasion, and Denial of Service, a landmark paper which broke every shipping intrusion detection product on the market, and at Arbor Networks led the development of a security product deployed on the backbone of virtually every tier-one ISP worldwide.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSecurity.com.
Register now
to start rating these tips. Log in if you are already a member.
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
