60% Virtual Servers have Security Risks compared to Physical ServersBy Dipankar Das, Gaea News Network
Saturday, March 27, 2010
There is a caution from the analysts that many virtualization projects have been deployed without considering the information security system for the architecture design and planning. According to Neil MacDonald, vice president and Gartner fellow, the insecurity arises in a virtualization project due to immaturity of tools and processes and lack of training of staff, resellers and consultants.
Gartner further says that 18% of the data center workloads has been virtualized so far and it will go up to 50% by the end of the year 2012. The more and more workloads are virtualized, the criticality of virtualization increases and it is going to be difficult to address. The market research firm focuses information security risks in the following four key areas of virtualization.
- Any security lapse of virualization layer can have ripple effect on the workloads. Gartner advises that organizations should treat this layer the most critical for x86 platform in the enterprise data center and keep it very thin. The virtualization layer is a crucial for IT infrastructure and it may contain undiscovered vulnerabilities.
- Most of the organizations have software-based virtual networks and switches with the physical host in order to communicate between two virtual machines directly. This traffic will not be visible to network-based security protection devices. Gartner recommends that similar type of network security is advisable for virtual networks as for physical networks in an enterprise data center..
- Major organizations are bringing more critical systems and sensitive workloads under virtualization. This can become an issue when these workloads are combined together with other workloads from different trust zones on the same physical server without proper separation. At a minimum, enterprises need similar type of separation as implemented in physical networks today for different workloads from different trust level in a data center.
- Proper control for administrative access to VMM level is not followed most of the times. Administrative access to this layer must be very tight because VMM layer provides critical support. But, in reality, things get complicated because most virtualization platforms provide several number of paths of administration for this layer.
Gartner recommends to restrict role-based access control for administrator for virtualization layer in order to refine further who can do what within the virtual environment.
Tags: data cnter, Gartner, Information Security, Virtual Server, Virtualization