Article
Search:
RSS
Security Concerns Cloud Virtualization

Many virtualization users wonder and ask about security issues and concerns within their virtualized environment.  In this article, CIO Today addresses four of the top concerns about securing virtual environments and they attempt to discern the hype from reality.  It writes: 

I.T. managers worry that security attacks designed to exploit a hypervisor could infect virtual machines that reside on the same physical host, in what is known as a "virtual-machine escape".

If a virtual machine is able to "escape" the isolated environment in which it resides and interact with the parent hypervisor, industry experts say it's possible an attacker could gain access to the hypervisor, which controls other virtual machines, and avoid security controls designed to protect the virtual machine.

"The Holy Grail of security in the virtual world is to bounce out of the [virtual machine] and take control," says Pete Lindstrom, a senior analyst at Burton Group, in a recent webcast on virtualisation security.

But while there are documented attempts to execute a virtual-machine escape, some point out that a security disaster related to such an event has yet to be proved.

"To my knowledge, there has never been a hack that has allowed a security problem to propagate from one virtual host to another by way of the hypervisor technology," says Steve Ross, a consultant with Catapult Systems, which is helping logistics provider Transplace, based in Texas, deploy and maintain its VMware virtual environments.

"It could happen, and the attacker or breach could hop from [virtual machine] to [virtual machine], but I have yet to see it as a functional exploit out there today," adds Tim Antonowicz, systems engineer at Bowdoin College in Maine.

Antonowicz, who uses VMware ESX to virtualise servers, says he tries to thwart such problems by sequestering virtual machines in resource clusters, depending on the sensitivity level of the applications or data the virtual machine is housing. "You have to segregate machines in that manner to heighten security," he says.

Read the entire article, here.

Published Thursday, December 20, 2007 9:27 PM by David Marshall
Share this post: del.ici.ousDel.ici.ous Digg ThisDigg Newsvine ThisNewsvine Reddit ThisReddit Slashdot It!Slashdot TechnoratiTechnorati
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<December 2007>
SuMoTuWeThFrSa
2526272829301
2345678
9101112131415
16171819202122
23242526272829
303112345
Tags
Archives
Links
Platform Technology
Virtualization Books
Virtualization Sites