Virtualization is everywhere. In one sense, our entire computing environment is a veritable virtual wonderland. What makes virtualization interesting from a security perspective is its ability to isolate -- it's a tool for separating processes without deploying a cumbersome physical infrastructure.
There are three areas where virtualization is becoming commonplace, and each has its place in the security world:
- Virtual Machines (VMs) emulate an operating system and virtualize the physical hardware environment, allowing multiple OSes to run on a single system. VMs -- such as VMWare or Microsoft VPC -- enable the creation of a virtual appliance to isolate applications and compartmentalize risk by limiting the ability of an exploited application to further compromise the system. The virtual system runs like a normal system; the benefit comes from running other applications on another VM or on the native system. VMs are also useful for testing patches, configuration changes or the effects of new applications without impacting production systems.
- Virtual Networks (e.g.,VLANs) segregate traffic on the same physical network infrastructure so that, for example, two machines connected to the same switch act as though they're on completely separate networks. VLANs are useful in building "gated communities" online, or quarantining untrusted or compromised systems from the rest of the network. Endpoint security products lean heavily on VLANs to create quarantine zones and restricted access segments for policy enforcement.
- Virtual Applications are becoming significant as companies consider Web Services and grid computing to share underlying resources and provide a resilient infrastructure to the application environment. In such implementations, virtual applications may run on multiple servers. This abstraction can confuse an attacker, who can't identify what physical platform has been compromised, in the same way that a proxy server can act as a shield to an endpoint.
Despite all of the security-friendly capabilities of virtualization, these implementations aren't immune to attack. They must still answer to a higher power-the physical computers on which they live. It's possible that virtualized programs can be deleted or modified or compromised in some other way. There are always touch points to the untrusted environments.
Still, virtualization is providing security managers with a new set of tools for building, testing and managing defenses without the cost of expensive test labs and cumbersome infrastructure. Eventually, virtualization will provide us with models that will allow us to test hypothetical situations and response decisions.
About the author:
Pete Lindstrom, CISSP, is research director at Spire Security.