Netgate Discussion Forum

Security of vms

Virtualization
  • C
    cougarmaster
    last edited by Aug 25, 2010, 12:29 PM

    Just wanted to see what people have done to secure their installation of virtual servers from being copied, moved, tampered with, etc. It is quite a serious debate. I'd like to see what you guys have done to prevent theft of data or damage.

    Be safe
    Eric

    • J
      jasonlitka
      last edited by Aug 25, 2010, 9:49 PM

      Uh, not really sure I understand what you're asking…  It's basically the same as securing physical servers.

      My systems at the office are ESXi running over iSCSI to a SAN on a physically segregated network requiring CHAP & pre-determined iqn names.  We use long passwords for access via the vSphere client and only a couple people I trust have access.  The whole bundle is packaged behind a door with a 6-digit numeric lock.

      I can break anything.

      • C
        cougarmaster
        last edited by Aug 26, 2010, 9:14 AM

        I am not really asking, just wondering how people are integrating it into their environment, since lots of people don't take this aspect of security seriously. If a person is able to access your server either physically or remotely, people would really lose a lot data-wise, since virtualization is just a layer in our infrastructure to make data access more accessible :). Just wanted to bring up the issue so many more people can benefit from knowing and have a way to go implement it. Since knowing and understanding is very important, I don't want people to take virtualization for granted and give it a bad reputation for being unsafe.

        • T
          tommyboy180
          last edited by Aug 26, 2010, 2:51 PM Aug 26, 2010, 9:51 AM

          I'm not seeing why virtual server security is any different than physical servers. How are people taking virtualization for granted and giving the technology a bad reputation for being unsafe? That just sounds like these people don't understand what virtualization really is.

          The bottom line is no matter what your system runs on, a VM or a physical system, your system is only as safe as your policies are. Do you implement physical security? Do you enforce limited access and track access, strong passwords, frequent password changes, minimize external physical threats, have emergency plans in place, etc… There is no difference between virtual servers and physical servers for the purpose of this discussion.

          "Knowing and understanding is important"

          -Tom Schaefer
          SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

          Please support pfBlocker | File Browser | Strikeback

          • C
            cougarmaster
            last edited by Aug 26, 2010, 2:37 PM

            What really scares me the most is that every time I back up my VM from the server to a backup server, it's so easy to copy it over. Just imagine: when the firewall is compromised or physically penetrated, it is so easy to copy not only data but the whole server itself without stealing the physical server. Reading on the ways we can protect our VMs, one is to encrypt them, but that makes backups a bit troublesome. Physical security is just the top level of it, but the software side needs more work. Just want to see more people's ideology on these matters, not challenging anyone to flame wars of any kind.

            • C
              Cry Havok
              last edited by Aug 28, 2010, 9:35 AM

              The increased risk of using a VM comes from the fact that you now have another OS (effectively) separating your systems and adding complexity (and so scope for bugs).  The impact depends on the VM platform and they are all different - some are written very much with security in mind, some not and most will be somewhere in the middle.

              Assuming you use them for convenience and don't assume that they provide security then you're (largely) ok.  If however you assume they provide the same security separation as a network cable you run the risk of being badly surprised.

              • E
                eirikz
                last edited by Sep 1, 2010, 11:25 PM

                I see you mention "physical access" to the server, that is a security risk to any system.
                Physical access == full access.

                And securing the VM means securing the virtualization host, both physically (this is what we have keypads and doors for, right?) and remotely (management VLANs are a must, also users should be password savvy).

                Running pfSense on :
                DL380G4 with ESX Vsphere and DL360G4p bare metal

                • ?
                  Guest
                  last edited by Sep 2, 2010, 3:49 AM

                  I'd like to echo what Cry Havok said.  Running virtually means that your threat threshold increases to encompass not only your virtual machine's potential vulnerabilities but the vulnerabilities of the underlying hypervisor (and its associated utilities).  The rule I try to adhere to is not to run machines requiring different security postures on the same VM.  This is the same policy I try to use when running VLANs on a switch.  For this reason I don't run firewalls virtually, and certainly not on the same host machine as I would run the machines the firewall is meant to protect.  If you assume the worst case scenario in an attack (i.e. if the virtual host is compromised then the underlying host machine is also compromised) and structure your network accordingly, the threat of a compromise beyond a certain acceptable threshold (i.e. the entire DMZ is owned) is mitigated.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.