Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Understanding Virtualization Vulnerabilities

InfoSecurity Europe : 16 March, 2010  (Technical Article)
With virtual computing platforms such as VMware becoming increasingly popular, Dave Shackleford, the Director of Security Assessments at the SANS Institute examines the security implications of virtualization technologies
See our events guide listing for more details

Virtualization platforms are software. All software has flaws. Therefore, virtualization platforms have flaws. Simple logic, right? The major virtualization platform vendors, VMware, Xen (now Citrix), and Microsoft, have all had several vulnerabilities over the last few years. However, the major components of a virtualization infrastructure and the IT strategy related to deployment and maintenance of virtualization technologies can be planned and secured fairly well. The following sections will explore the major areas of concern for security professionals.

I. Hypervisor security - The hypervisor is a piece of software, in many cases, unless integrated directly with the host platform (see the next section). The major virtualization vendors release patches for their products like any other software providers, and the key to mitigating the risk of hypervisor vulnerabilities is a sound patch management process. Examples of sound patch management practices include maintaining the latest service packs for both guests and hosts, alleviating any unnecessary applications that have a history of vulnerabilities, and applying the latest security rollup patches if and when they are supplied by the virtual software vendor.

II. Host/Platform Security - The host platform, which connects the VMM and virtual guests to the physical network, can vary widely in the type of configuration options available. This is largely dependent on system architecture; for example, VMware's ESX Server platform has a number of similarities to Red Hat Linux.

Given that many of these systems are able to be hardened considerably, a number of "best practice" configuration guidelines can be applied, including setting file permissions, controlling users and groups, and setting up logging and time synchronization. There are many freely available configuration guides from the virtualization platform vendors, the Center for Internet Security (CIS), NSA, and DISA.

III. Securing Communications - Securing communications between the host system and desktops or a management infrastructure component such as VMware's vCenter is essential in order to prevent eavesdropping, data leakage, and Man-in-the-Middle attacks. Most of the well-known platforms today support SSH, SSL and IPSec for any communications that are required, and one or more of these should be enabled.

IV. Security between guests - One of the biggest security issues facing the virtualized enterprise revolves around the lack of visibility into traffic between guests. Inside a host platform is a virtual switch that each guest connects to - in essence, the host's physical NICs are abstracted into a switching fabric.

In many organizations, network monitoring and intrusion detection solutions have long been established to gain visibility and security alerting on critical network segments. With the advent of the virtual switch, all inter-VM traffic on a host is contained entirely within the host's virtual switching components, so visibility and security is severely compromised. Fortunately, most enterprise-class virtualization solutions have traditional Layer-2 switching controls built in, so it's possible to create Mirror ports on the virtual switch to monitor traffic.

V. Security between host/guests - The concept of "VM Escape", where malicious code could "break out" of the VM Guest and execute on the underlying Host, has been a hot topic of discussion in the information security community. Unfortunately, all signs point to this being possible; in fact, several instances of exactly this kind of attack have already been demonstrated.

All of these issues can be remedied with vendor-supplied patches, but in the interim, the safest method for protecting against VM escape and other attacks that relate to guest-host interaction is to turn off services you don't need.

In conclusion, there are a number of security issues that should be considered when planning, deploying, and maintaining server virtualization technologies. Many of these can be mitigated with a proper configuration management program - defining policies and configuration guidelines, creating procedures to implement the policies and maintain them, and following best practices in patch management for virtual Hosts and Guests. Although the technology is new, and we have much to learn, properly configuring and locking down systems can significantly reduce our exposure.

SANS Institute is exhibiting at Infosecurity Europe 2010, the No. 1 industry event in Europe held on 27th - 29th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo