Virtualization Technology News and Information
Best Practices for Securing Virtual Networks - Part One of Three

Contributed Article from Hezi Moore, co-founder and CTO of Reflex Security

While new technologies can provide significant improvements to IT operations, organizations must also consider potential network and data security implications. 

Increasingly, server virtualization technologies are being used to consolidate physical servers and help organizations address data center management, operational and security challenges.  Virtualization provides IT departments with a great deal of deployment, configuration and performance flexibility and is emerging as one of today’s most compelling new technologies.  

However, virtualized environments face unique network security challenges that can affect the entire organization.  Adding security to your virtual network, such as a virtual security appliance, can protect critical resources from intrusion, theft, service denial, regulatory compliance conflicts or other consequences. 

Fortunately, by combining prudent security measures with advancing virtualization technologies, organizations can adopt and deploy “defense in depth” best practices without the traditional high costs and complexities associated with physical infrastructure and enjoy the benefits of a virtualized architecture while avoiding excessive risks.

Understanding Virtual Network Security Issues

Virtualization technologies have altered the concept of a network endpoint and appropriate endpoint security measures.  Until recently, network security and auditing methods that extended to the physical machine level were generally considered adequate.  However, virtualization has split the physical machine into an entire subset of virtualized servers and resources, changing the rules for network security.

While traditional perimeter and internal security devices play an important supporting role, they are not capable of fully addressing virtualized environment resources and risks.

For many organizations, there are many mission-critical reasons to consider virtual environment security.  They include:

·         Visibility and awareness inside the virtual environment:  Network traffic inside the virtual environment can be inspected and any communication auditing trails will be recorded.

·         Maintaining Regulatory Compliance:  Compliance with regulatory standards such as the Payment Card Industry (PCI), or Section 404 of the Sarbanes-Oxley Act (SOX), or Health Information Portability and Accountability Act (HIPAA) Security Rule requires companies to maintain appropriate data security procedures, controls and auditing capabilities.

·         Mobile server security issues: As virtual servers are moved to new environments, they can potentially compromise the security of their new environment.

·         Activation of stored materials: Images that have been unused may not updated with current security measures.

·         Controlling Data Access:  As with physical networks, virtualized networks need to ensure only authorized individuals and devices are allowed to access the network and communicate.  Unauthorized or malfunctioning endpoints need to be identified and restricted in an appropriate fashion. 

·         Detecting and Preventing Intrusions: As with physical networks, virtualized networks are vulnerable to intrusions that can lead to unauthorized access, data loss, service interruption or other consequences. 

·         Virtual environment misconfiguration: While physical network configurations can be checked by tracing wires, etc., virtual environments often face misconfiguration problems that can be difficult to untangle because the system is based entirely on files.

·         Access accountability: As servers multiply, departmental managers often take over part of server management, introducing a loophole in tight control of server access.

Virtualized Environment Attack Vectors

In a virtualized environment, multiple virtual servers (a.k.a. virtual machines or VMs) share a common physical host machine. Broadly, hosts and virtualized components require similar security precautions as any critical, non-virtualized IT resource.  However, virtual environments have unique attributes and incremental security challenges that are not addressed by traditional security solutions.

When a host or virtual server communicates with resources outside the host (on the LAN, Internet, etc.), it may be exposed to hostile content or users, which can result in an intrusion, malware infection or other unwanted results. 

Externally-based threats can be controlled with a virtualized security system deployed inside the virtual environment.  Because these solutions are typically executed in software, they eliminate the need for additional hardware or network reconfiguration.  They also facilitate granular control that can be specific to a virtualized LAN, LAN segment or virtual server.  As a result, the virtualized approach may have significant security, cost, configuration, and deployment advantages. Deploying a security solution in a virtual network is relatively easy and requires no down time.

Server mobility and servers-at-rest also present potential security challenges.  While physical servers are typically static, virtual servers can become much more dynamic in a virtual environment if migrated from one physical host to another utilizing such technology as V-Motion.  When virtual servers are moved, the potential exists for a compromised server to contaminate its new environment. This is also true for servers-at-rest.  If a virtual server is backed up and at rest as an image, it may not be maintained and could potentially be unpatched.  Once the virtual server is booted up back into a production environment there is a risk that this server is vulnerable and can potentially compromise the entire production environment.

Other intra-host threats include legitimate inter-VM communication and unauthorized access.  These threats may transit virtualized LAN segments unseen by external security solutions or systems inside a virtual server.  The resulting gaps create an unmonitored, unprotected security hole that may expose virtual machine to unauthorized access, infection, surveillance, Denial of Service (DoS) and more. 

Evaluating Virtual Environment Security Solutions

Virtualized environments are difficult to visually inspect and due to virtual server mobility and related issues, they often have dynamic configurations and server populations.  In this context, threats can easily spread, devices can be overlooked, and inappropriate activity can be concealed.  To prevent configuration oversights, rogue devices, auditing omissions and other issues, the security system should maintain persistent awareness of all virtualized devices, services and communications.  Typically this requires capabilities such as:

·         Automatic, on-going virtual network assessment (servers, connections, available services, etc.)

·         Virtual network traffic monitoring, analysis and reporting

While the spectrum of pertinent vulnerabilities will vary based on business and technical considerations, the virtualized security system should typically include capabilities such as:

·         Intrusion Detection / Intrusion Prevention (IDS/IPS) and LAN Firewall

·         Server-based Network Access Control (NAC) and authentication

The optimal virtualized security solution supports high-availability, wire-speed operation and will not excessively consume or compete for finite host machine resources.  This helps ensure security functions do not create unwanted interference with critical server operations and data access.  Also, it minimizes the potential for an excessively large security overhead to overtax host machine capabilities and degrade virtual server/application performance.

Virtualized environments typically contain a heterogeneous mix of virtualization platforms, devices, operating systems and applications.  Also, these environments coexist with the surrounding physical network ecosystem.  Therefore, a virtualized security solution should provide:

·         Compatibility with virtualization platforms (i.e. VMware) in the target environment

·         Compatibility with virtualized applications, OS and related infrastructure

·         Compatibility/interoperability with key physical network ecosystem elements 

To be practical, a virtualized security solution should support acquisition, deployment and management options that facilitate easy manageability and low TCO.  Criteria include:

·         Ease of device deployment, configuration and administration

·         Integrated, extensible security functionality

·         Affordable acquisition, maintenance and upgrade costs


In part two of this three part article, Hezi Moore will discuss Securing Virtual Networks: Solution Alternatives.

Hezi Moore is the co-founder and CTO of Reflex Security, a leading provider of virtual security solutions.

Published Wednesday, March 26, 2008 9:41 PM by David Marshall
Comments - Virtualization Technology News and Information for Everyone - (Author's Link) - March 27, 2008 1:23 PM

Part two of three: Securing Virtual Networks: Solution Alternatives Primarily, organizations have four alternative or complementary approaches to secure virtualized environments: physical network security devices, physical device / VLAN configurations, - Virtualization Technology News and Information for Everyone - (Author's Link) - March 28, 2008 6:53 AM

Part three of this three part article. Securing Virtual Networks: What Do You Need? A critical first step for establishing virtual network security is to establish context for the solution. This may include considerations such as:

TrackBack - (Author's Link) - March 29, 2008 2:34 PM
TrackBack - (Author's Link) - March 29, 2008 2:52 PM
parts and associates - (Author's Link) - April 5, 2008 11:07 AM
physical security - (Author's Link) - May 18, 2008 9:36 PM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<March 2008>