In many organizations, there is a gap between the security implemented in the physical realm and the controls and policies used in the virtual environment. Why do IT teams fall behind when it comes to virtualization security tools?
Sometimes, this may be the result of immature technology that doesn’t work as well as advertised in the virtual data center. In other cases, a lack of maturity in implementing processes and procedures could be at fault, says Dave Shackleford, founder and principal consultant at Roswell, Ga.-based Voodoo Security.
Many enterprises run into virtualization network security problems in several areas. Poor inventory and lifecycle management can result in virtual machine sprawl. Change control and configuration management policies and procedures need to be updated to accommodate virtualization provisioning, deployment and changes.
Enterprises also need to pay attention to separation of duties. The creation of appropriate roles and privileges is critical to secure operations for virtualization and private clouds.
Network visibility is another pain point. Virtualization security tools such as firewalls and IDS/IPS can help. "We have much more in the way of options," Shackleford says.
Getting a handle on virtualization security is possible, but it usually requires some additional scrutiny of existing implementations and architecture. Once security professionals understand the technology they currently have, they can begin to address security gaps and controls by looking at risk.
About the presenter: Dave Shackleford is the owner and principal consultant of Voodoo Security LLC; lead faculty at IANS; and a SANS analyst, senior instructor and course author. He previously worked as CSO at Configuresoft; as CTO at the Center for Internet Security; and as a security architect, analyst and manager for several Fortune 500 companies. He currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.