60% Virtual Servers have Security Risks compared to Physical Servers

60% Virtual Servers have Security Risks compared to Physical Servers

Computer Security News

Gartner News

RELATED NEWS

Hrithik, 'Harry Potter' cast spell in initial weekend

Asian Games athletics: Disappointing day for India

Asian Games boxing: Mary Kom, Kavita in semis

Asian Games tennis: Somdev-Sanam win gold, Sania-Vishnu silver

Navi Mumbai airport gets environment ministry's clearance

Tennis gold-silver, archery bronze take India's Asiad tally to 36 (Evening Lead)

Yeddyurappa, the man who can dent BJP hold in Karnataka

Hindu statesman Zed wants Belgium to recognize Hinduism

Punjab drug scene hits a new 'high'

Bronze in archery, Mary Kom and Somdev eye medals (Afternoon Lead)

By Dipankar Das, Gaea News Network
Saturday, March 27, 2010

vmware_virtualization There is a caution from the analysts that many virtualization projects have been deployed without considering the information security system for the architecture design and planning. According to Neil MacDonald, vice president and Gartner fellow, the insecurity arises in a virtualization project due to immaturity of tools and processes and lack of training of staff, resellers and consultants.

Gartner further says that 18% of the data center workloads has been virtualized so far and it will go up to 50% by the end of the year 2012. The more and more workloads are virtualized, the criticality of virtualization increases and it is going to be difficult to address. The market research firm focuses information security risks in the following four key areas of virtualization.

Any security lapse of virualization layer can have ripple effect on the workloads. Gartner advises that organizations should treat this layer the most critical for x86 platform in the enterprise data center and keep it very thin. The virtualization layer is a crucial for IT infrastructure and it may contain undiscovered vulnerabilities.
Most of the organizations have software-based virtual networks and switches with the physical host in order to communicate between two virtual machines directly. This traffic will not be visible to network-based security protection devices. Gartner recommends that similar type of network security is advisable for virtual networks as for physical networks in an enterprise data center..
Major organizations are bringing more critical systems and sensitive workloads under virtualization. This can become an issue when these workloads are combined together with other workloads from different trust zones on the same physical server without proper separation. At a minimum, enterprises need similar type of separation as implemented in physical networks today for different workloads from different trust level in a data center.
Proper control for administrative access to VMM level is not followed most of the times. Administrative access to this layer must be very tight because VMM layer provides critical support. But, in reality, things get complicated because most virtualization platforms provide several number of paths of administration for this layer.
Gartner recommends to restrict role-based access control for administrator for virtualization layer in order to refine further who can do what within the virtual environment.

NAME :	(REQUIRED)
MAIL :	(REQUIRED) will not be displayed
WEBSITE :	(OPTIONAL)

YOUR COMMENT :
	Submit Notify me of followup comments via e-mail

Older News