Securing virtual systems can be a challenge. You must deal with the normal issues of system and network security in addition to ensuring that the virtual machine (VM) remains secured. Here are three steps that will help increase the security of your virtual IT environments:

1. Keep virtual machines patched at the OS and application levels. The systems that are being virtualized have no real difference in their security posture than regular discreet systems. In most cases, you buy yourself very little additional protection through virtualization. Many of the traditional attacks and exploits work normally against a virtualized host. Signs of compromise are just like a physical machine. You might notice file system changes, the installation of Trojans and malware or the extreme slowdown of the systems as they are used to perform illicit tasks. Therefore, keep those virtual systems patched at the OS and application levels and make sure you do all of the regular security things that you do for all other systems.

2. Deploy intrusion detection with a VM focus. Make sure that your detection mechanisms are keyed to the systems themselves and/or are aware of VM-specific security issues and exploits. In many cases, your traditional network intrusion detection tools and techniques will NOT extend themselves well into your virtualized environments. This may force you to change your strategy to be more host-focused than before. This is likely a good thing. At the very least, make sure your IDS/IPS vendor provides signatures for common VM attacks.

3. Keep the VM solution patched. The VM software and host OS are important to maintain the overall security of the virtual systems. If an attacker can compromise the underlying host OS or the VM application environment, they likely can penetrate the systems themselves. In fact, VMWare and other popular providers have recently received criticism for attacks that allow attackers who compromise host OS systems or gain illicit access to VMWare's hypervisor to execute commands on any and all virtual systems under the hypervisor's control. In real terms, that means that in most cases, if the attacker can compromise the host OS, they can own all of the virtual systems hosted there. Attacks against the hypervisor and other VM components are emerging and attacker research into this area is becoming increasingly popular. Make sure your vendor frequently patches known issues and that you have the needed support contracts to maintain access to security releases.

Virtualization can be a powerful solution. Done right, it can be a great advantage in both IT capability and to the bottom line. Done wrong, it can become an attacker's playground and do damage to that same bottom line. By following these basic tips, you can increase the security posture of your virtual environments and be more confident that they will stand up to assaults. You can rest assured that attackers will continue to focus on virtualization solutions and their weaknesses, so you must also continue to monitor new developments and stay current on events that surround this exciting technology.

MicroSolved, Inc.

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine