These days, few people need to be convinced of the benefits of server virtualization. Potential upsides in terms of power costs, consolidated workloads and general total cost of ownership (TCO) have been well documented. It's the gotchas of actually implementing server virtualization, however, that are of most interest to IT shops.
One topic that's always a concern for IT professionals is security. After all, maintaining a secure Windows network is a challenge in even the most traditional server environments. Virtualization puts a whole new spin on network security, and just how it affects the overall strategy isn't always clear.
In an article outlining the impact of server virtualization, IT engineer Scott Lowe had this to say about what virtual machine (VM) management means to security: "Does server virtualization make your IT infrastructure and IT organization more secure, less secure or neither? Experts can't come to an agreement on this subject. The one thing that we do know is this: No one yet fully understands the full impact of server virtualization on network and server security."
The key is understanding the issues ahead of time to ensure the most secure virtualization installation possible. While exactly how you go about shoring up these holes varies depending on the server virtualization technology you are running, the basic principles will always apply.
Key considerations for securing virtual environments
The best way to start is by identifying the areas you absolutely need to know about. This article breaks down the three most critical threats affecting virtual machine security, with details on how to harden virtual environments at the operating system, application and network level.
Server virtualization security is all about the little things
It's important to recognize that security practices for virtual and physical machines aren't all that different; they just require a little tweaking. Knowing what the differences are will keep you a step ahead of potential threats.
The right tools for virtual machine security
Different virtual infrastructures require different software to protect them. Industry experts offer some of their favorite tools for maintaining a secure virtual environment in this article, as well as information on when and why to implement them.
Why virtual machines put storage networks at risk
"I consider all VMs to be hostile to the virtual environment," writes IT consultant and author Edward L. Haletky in this tip. Click in to read why he recommends keeping hypervisor storage separate from that which can be directly accessed by your virtual machines.
Patch management for virtual machines
Like with all Windows server environments, staying on top of patches and updates is a must for VMs. This checklist helps you develop a rock-solid patch management strategy and an understanding of the potential security benefits of a standalone Hyper-V Server 2008 R2 deployment.
Dealing with compliance in the virtualized world
Server virtualization can present you with a compliance nightmare without the proper planning. With new challenges involving network access control (NAC), for example, meeting compliance requirements for virtualized infrastructures requires a different way of thinking.
Security best practices for Microsoft Hyper-V installations
With the enhancements made to Hyper-V R2, the popularity of Microsoft's server virtualization technology continues to rise in Windows environments. But since Hyper-V is built on the Windows Server OS, it's also susceptible to many of the same security risks. Here you'll find some best practices for securing Hyper-V from the get-go.
Managing security permissions in Hyper-V environments
Of course, your work's not done once Hyper-V is installed. For Windows administrators, dealing with permissions is an essential (if unglamorous) part of the job. This tip demonstrates how to configure permissions on Hyper-V host servers and manage them after the fact.
Looking for more information securing your virtual machines? Visit SearchServerVirtualization.com.
The VM security threat: Gone today, here tomorrow?
"One big concern is about what could happen if a flaw were found in a hypervisor, which would give attackers access to thousands of desktops sitting on a virtual server. That's not a reality today, but it's certainly a fear for the future."
-- Natalie Lambert, security analyst with Forrester Research
Read full article: The security benefits and risks of virtualization