Gartner: Virtualized servers less secure than physical ones

Analyst says virtualization deployment projects aren't considering security in initial architecture and planning stages

Channelworld staff (Channelworld India)
16 March, 2010 09:06
Comments

Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace, according to Gartner. Although Gartner expects this figure to fall to 30 percent by the end of 2015, analysts warned that many virtualization deployment projects are being undertaken without involving the information security team in the initial architecture and planning stages.

"Virtualization is not inherently insecure," said Neil MacDonald, Vice President & Gartner Fellow. "However, most virtualized workloads are being deployed insecurely. The latter is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants."

Gartner research indicates that at the end of 2009, only 18 percent of enterprise data center workloads that could be virtualized had been virtualized; the number is expected to grow to more than 50 percent by the close of 2012. As more workloads are virtualized, as workloads of different trust levels are combined and as virtualized workloads become more mobile, the security issues associated with virtualization become more critical to address.

Gartner has identified the six most common virtualization security risks that include the information security isn't initially involved in the virtualization projects; a compromise of the virtualization layer could result in the compromise of all hosted workloads; the lack of visibility and controls on internal virtual networks created for VM-to-VM communications blinds existing security policy enforcement mechanisms; workloads of different trust levels are consolidated onto a single physical server without sufficient separation; adequate controls on administrative access to the hypervisor/VMM layer and that the administrative tools are lacking while alongside there is a potential loss of separation of duties for network and security controls.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: Gartner

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

QLogic Reseller Promotion. Bonuses on HBA and Switch Purchases. Ends June 30th, 2012

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Featured Resources

Red Light In the Control Centre Saves Hours of Chaos

First Focus’ core business is supporting customers’ networks, technical infrastructure and staff. While technical emphasis is on Microsoft server and workstation environments, many clients also run hybrid Mac, Linux and Unix environments, and First Focus has significant expertise in seamlessly integrating these technologies with Microsoft-based networks.

Most Popular Resource Papers

Market Potential-Strategy Guide to the Active Archive Market

The active archive market is a growing segment where tape is seen as part of a disk or network fileystem. This means that to an end user disk and tape are “blended” and whether file is held on disk or tape is “invisible” to the end user. The active archive market is the fastest growing space in the storage industry and allows direct end user access to tape through a file system front end.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management