INTEROP - Virtual server sprawl highlights security concerns
- 1
- 2
- < previous
The relatively small amount of code in a hypervisor makes it somewhat resistant to malware. But a recently found flaw in VMware's desktop virtualisation software raises concerns about the safety of its server virtualisation technology, Lynch argued, saying he expects major hypervisor-based attacks this year. Gartner analyst Neil McDonald has said more than 60 per cent of virtual machines in production are less secure than their physical counterparts, Lynch noted.
IDC predicts that half of physical servers will be virtualized by 2011, Lynch said. So-called virtual appliances can be downloaded from VMware's Web site, and could ultimately become the most prevalent way to deploy software, Lynch said. But these appliances also raise new concerns. It's tough to know whether the virtual appliance downloaded over the Web actually comes from a trusted party, or whether updates come from a trusted source, Lynch said.
Virtualisation in general requires a new approach to security, but progress on this front is slow and full of roadblocks for enterprises who might be fooled by industry claims, Lynch contended.
IT has to watch out for security vendors that simply take an application, drop it into a virtual machine and claim it's now "virtualisation-aware," Lynch said.
Security could be built directly into the hypervisor, but hypervisor designers aren't necessarily security experts, Lynch said.
Some movement is afoot for security tools that are basically hypervisor plug-ins, he noted. IBM introduced an intrusion-prevention project related to virtualisation, and VMware in February released a set of APIs designed to give security vendors more visibility into the hypervisor.
This essentially gives more insight into the "black hole the hypervisor guys have created," Lynch said. But unless VMware is really selective about its APIs, new risks could be introduced, he said.
"There's no such thing as private APIs," Lynch said. "They're out and about pretty much as soon as they're announced."
- 1
- 2
- < previous
Click here for case studies, whitepapers and other useful vendor content 
ARN Panel Sessions: Day 3The last of our panel sessions recorded live at CeBIT 2008. Today, the topic is storage. Data is growing at an enormous rate, so what does the future hold?
Weekly Tech News Update: 21st November 2008Yahoo's CEO says goodbye, Intel introduces a new processor, and robots run wild. All that news and more on this week's World Tech Update
Electronic voting in U.S. electionDoubts about voting machines are lingering in the minds of many Americans as they head to the polls.
When an IT disaster occurs, how handy it would be to push a button and start again as if nothing had happened.
Discover and learn more about CA XOSoft today.
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 20 November, 2008 17:34:00
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 20 November, 2008 12:06:00
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 20 November, 2008 12:04:00
NetApp Named 2008 Citrix Ready Solution of the Year by Citrix Systems 20 November, 2008 11:33:00
Extreme Networks Ethernet Transport lowers total cost of ownership for carrier metro networks 20 November, 2008 10:21:00
V/Line and Oakton use Microsoft SQL Server 2008 to develop an Executive HR Dashboard
With the help of Oakton, V/Line - Victoria's regional public transport provider - utilised Microsoft SQL Server 2008 to develop an Executive HR Dashboard report.
Buying Guides
Buying Guides
