19-05-2012, 04:53 PM
VMware Security – Achieving and Maintaining a Desired Security Level
According to Gartner:
Most security vulnerabilities will be introduced through misconfiguration and mismanagement of virtualized systems
Through 2009, 60% of production VMs will be less secure than their physical counterparts and 30% of deployments will have a VM-related security incident
The privileged layer of software (ESX Server) will be a target for attack
Virtualization increases risk if not controlled
Risk = Impact x Probability
Impact of incident is multiplied by consolidation
Probability of incidents is increased because of dynamics
Reduced visibility of “servers” (VM sprawl)
Offline VMs miss security updates and patches
No longer a physical barrier between systems
Increased risk of data leakage
Increased risk of “one bad apple affecting the whole crate”
Physical Cost Reduction: less hardware, less power, infrastructure consolidation
Efficiency and Effectiveness: easier upgrades, better utilization of existing systems
Business Resiliency and Flexibility: improved business continuity/failover, better test & development, easy reallocation of hardware based on demand
Tripwire ESX Server Monitoring available now
CIS Benchmark for VMware ESX Server 3.x
Secure communications (SSH2)
Service console firewall
Network security settings
Logging
File/directory permissions/access
User accounts
Change Audit capabilities for both ESX and the virtual machines
Monitor for all changes made to the Hypervisor
Monitor all supported hosted platforms