Quoting Dr. Dobb's Journal

With the gowing adoption of virtualization technologies, different software environments are being placed in proximity to each other without the traditional barriers of network interface separating them. This brings up new security questions. We recently spoke with OpSource's David Englebrecht about this issue.

DDJ: David, when it comes to virtualization, is security an issue?

DE: Yes, a previously well-thoughtout security model must be revaluated before the introduction of virtualization to an environment. With the internal traffic mapping capability of common virtualization engines such as , it opens the possibility for virtual machines to talk to one another without going through border network protection. This requires that infrastructure managers take steps to enforce network fire walling between VLANs with default routes to a firewall. Other best practices include reinforcing network intrusion detection with host-based systems, requiring system-level anti-virus solutions, and stringent image release security regression practices.

DDJ: OpSource is primarily known as an Software-as-a-Service (SaaS) company. What does this have to do with virtualization?

DE: OpSource is a delivery partner for SaaS, on-demand, and webware companies looking to launch solutions. We have brought more than 100 applications to market under our OnDemand product. Virtualization is used in many delivery environments to provide customers environments with higher availability and more flexible growth capabilities.

DDJ: And how does security relate to this?

DE: As a SAS70, SFDC, and WebEx certified application delivery provider, OpSource has strict security policies we protect for all our customers.

DDJ: Is there a web site readers can go to for more information?

DE: Sure, they can visit www.opsource.net.

Read or comment on the original, here.