Virtualization Technology News and Information
Improving Microsoft Virtual Server security: Virtual machine log file monitoring

This is the next article in a series of articles by Harley Stagner for

Have you discovered a hole in your Virtual Server 2005 security? This article will offer some advice on proactive event log collection for Virtual Server 2005 so that if a security breach does occur, you will be able to collect more evidence on what actually happened. The previous article in this series taught you how to secure remote access to the Virtual Server 2005 host machine.

You will have a much easier time reconstructing a security breach if you have been monitoring and collecting the appropriate log information. In this case we are interested in information pertaining to Virtual Server 2005. Culling appropriate information from log files is tricky enough. If you do not have the appropriate information to begin with, it can be an exercise in frustration. Most of the information is logged by default. However, the security log in event viewer, in particular, is no good unless appropriate auditing is taking place before a breach.

To begin you will want to turn on the appropriate auditing for the security events. This can be done through the "local security policy" mmc snap-in, which can be found in "Administrative Tools - Local Security Policy.

Read the entire article, here.

Published Monday, March 12, 2007 7:07 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<March 2007>