The benefits of virtualization and its impact on IT infrastructure are not hidden from any of us. Conventional IT infrastructures are being replaced by virtual IT environments at a rapid pace. Before I list the major security challenges IT departments face after deploying virtualization, it must be said that virtualization has indeed delivered better ROI, reduced running costs, more flexibility and scalability, and better utilization of resources in data centers and in private and public cloud environments. But the question is: are we neglecting the security concerns and threats posed by this trending virtual IT world? Although no expert has yet drawn up a complete list of security threats, server and network virtualization has raised some security concerns.
Security Concerns in Virtualization
Network Security Policy
Most of us believe that network virtualization brings more security, since virtual networks are isolated from each other and from the physical network. These isolated virtual networks, with their workloads, reside either on the same abstraction layer or on different layers. Although this isolation separates the virtual network from the physical network, the movement of workloads and virtual servers requires the network security policies to change dynamically.
Creating VMs looks like an easy task for IT administrators, and the temptation to create more and more VMs leads to what is called VM sprawling. While creating VMs, we often lose sight of the optimal number of VMs and, in the process, leave some of them neglected. The different operating systems running on the VMs need to be updated and patched on a regular basis to counter the latest security threats. VM sprawling increases the chances that many VMs are left unattended and unpatched, which creates security loopholes in the virtual IT infrastructure.
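One way to surface the neglected VMs that sprawl leaves behind is to audit an inventory export on a schedule. The script below is an added example, not code from the original article; the CSV column names, the sample rows and the 30-day and 90-day thresholds are all assumptions to adapt to your own management tooling.

```python
import csv
import io
from datetime import date

# Constructed sample inventory export (not from any real environment).
# Column names are assumptions; map them to what your management tool exports.
SAMPLE_INVENTORY = """name,owner,os,last_patched,last_powered_on
web-01,alice,Ubuntu 22.04,2024-05-20,2024-06-01
test-old,,Windows Server 2016,2023-01-10,2023-02-01
db-02,bob,RHEL 9,2024-02-15,2024-06-01
tmp-clone-7,carol,Ubuntu 20.04,,2024-05-30
"""


def audit_inventory(csv_text, today, max_patch_age_days=30, max_idle_days=90):
    """Return {vm_name: [reasons]} for VMs showing signs of sprawl or neglect."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        # A VM nobody owns is a VM nobody will patch or retire.
        if not row["owner"].strip():
            reasons.append("no owner")
        # A missing patch date is a finding, never treated as "up to date".
        if not row["last_patched"].strip():
            reasons.append("never patched")
        else:
            age = (today - date.fromisoformat(row["last_patched"])).days
            if age > max_patch_age_days:
                reasons.append(f"unpatched for {age} days")
        # Long-idle VMs miss patch cycles and are candidates for retirement.
        if not row["last_powered_on"].strip():
            reasons.append("never powered on")
        else:
            idle = (today - date.fromisoformat(row["last_powered_on"])).days
            if idle > max_idle_days:
                reasons.append(f"idle for {idle} days")
        if reasons:
            findings[row["name"]] = reasons
    return findings


if __name__ == "__main__":
    report = audit_inventory(SAMPLE_INVENTORY, date(2024, 6, 10))
    for name, reasons in report.items():
        print(f"{name}: {', '.join(reasons)}")
```
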
Does the term “virtualized attacks” seem new? It is real: attackers have turned this new technology into a tool for attacking IT infrastructure. Since resources such as memory are shared by the host machine and the VMs, this shared memory, if attacked, can be used to exploit both host and guest machines. The hypervisor, the only link between the host and the VMs, can also increase the vulnerability of the entire virtualized IT infrastructure if it is compromised.
The VMs are susceptible to attacks from traditional viruses, keyloggers or spyware, and attackers can then use the compromised VMs to exploit other VMs sharing the hypervisor and physical network.
The security of a virtualized IT infrastructure is not a post-implementation process but a pre-implementation mechanism that has to be drafted carefully and transparently. Apart from adopting traditional security methods, security at the hypervisor layer, which is the backbone of virtualization, should be made strong. The following preventive steps at the hypervisor layer can deter attacks to a great extent.
- Install the latest service packs and patches on the hypervisor.
- The hypervisor logs should be constantly monitored for any security breach.
- Disable any unused service or VM connecting to the hypervisor.
- Disable any local administration of the hypervisor. It should be controlled by centralized management software such as VMware’s vCenter Server.
- Access to the hypervisor should require multi-level authentication.
As I already stated, proper planning is needed to create a fool-proof, secure virtual environment. So you have to be alert and disciplined to counter the security concerns of ever-growing virtualization environments.