Virtualization is changing the way IT is delivered today and the implications of this transition are endless. Virtualization is essentially taking a physical server and dividing it into multiple simulated or “virtual” servers – aka virtual machines (VMs) running on a single physical server. Now you have fewer boxes that are better used, with lower operational costs and conserved resources. As with many new and less tested methods of computing, there are often data thieves, cyber lurkers and hackers looking for undiscovered vulnerabilities in networks. With organizations deploying virtualization and increasingly moving toward the cloud, security becomes a greater concern.
With that in mind, CIOs have to make security a priority. Recent breaches, like the Wi-Fi network hack[SS1] in the Seattle area, where an open wireless network was hacked and sensitive data was stolen, and Sony’s PS3 data hack, illustrate that large data centers using virtualization are just as susceptible to an attack as traditional physical data centers.
The reality is that migrating to virtual environments poses equal security risks to physical environments for several reasons:
- Virtualization software can contain vulnerabilities and require patching just like any other application. This means patching another layer of software in addition to the pre-existing operating system (e.g., Microsoft).
- Cyber criminals are employing VM-aware malware that can spread unnoticed and unchecked among VMs due to lack of visibility into the vast amount of traffic between machines on the same server – where they often co-exist. They are like self-contained “black boxes,” which allows VM-aware malware to unknowingly spread to physical servers when moving VMs or applications.
- As VMs are added to the network, most do not automatically have security policies applied to them. In fact, many IT organizations may be unaware of the rogue VMs popping up across their environment that ultimately put their business at increased risk.
The virtual environment is very different from the “physical” data center where networks, servers and applications can be easily secured and monitored. Because of these concerns, companies are implementing security software designed for the physical environment and integrating the software into the VMs (also called virtual appliances), hoping they are protected in the “virtual world.” This approach may not effectively address malware and attacks that are VM-aware because it provides no visibility into VM movement and security policies that aren’t portable.
Create a more secure environment by keeping the following best practices in mind:
- Implement comprehensive security policies for safeguarding networks and applications mean that protection is the same for both physical and virtual resources. That is the only way to have the same degree of protection for sensitive data and resources. No one wants to take a step backward when attacks are becoming more complex.
- Avoid reliance on virtual appliances as they do not always offer viable protection. They are not able to travel with VMs throughout the network and are too bare to provide protection that adequately preserves server resources. The ultimate goal of integrating VMs is to make better use of resources, so why use a virtual appliance and lose out on all the savings of virtualization?
- Integrating full virtual network asset and configuration tracking solutions allows security administrators to configure comprehensive security policies and obtain vital information comparable to that of a physical network. In order to effectively secure VMs, visibility into how they are connected and their communication paths are needed, just like in a physical network between two servers.
- Running a comprehensive, deep-packet inspection outside of the VMs preserves computing resources for applications without sacrificing security. The procedure also allows security administrators to focus on security, while at the same time allowing server administrators to focus on VMs.
- Deploying an automated security solution allows the network to adapt to changes in virtual environments, such as introducing a new virtual machine, thus creating continuous protection of both the physical and virtual landscape.
Day in and day out, security is becoming a critical consideration for CIOs. However, comprehensive protection can be achieved if the time is taken to integrate security from the beginning.