Enterprise Server Strategies for the CIO
These days, few people need to be convinced of the benefits of server virtualization. Potential upsides in terms of power costs, consolidated workloads and general total cost of ownership (TCO) have been well documented. It's the gotchas of actually implementing server virtualization, however, that are of most interest to IT shops.
One topic that's always a concern for IT professionals is security. After all, maintaining a secure Windows network is a challenge in even the most traditional server environments. Virtualization puts a whole new spin on network security, and just how it affects the overall strategy isn't always clear.
In an article outlining the impact of server virtualization, IT engineer Scott Lowe had this to say about what virtual machine (VM) management means to security: "Does server virtualization make your IT infrastructure and IT organization more secure, less secure or neither? Experts can't come to an agreement on this subject. The one thing that we do know is this: No one yet fully understands the full impact of server virtualization on network and server security."
The key is understanding the issues ahead of time to ensure the most secure virtualization installation possible. While exactly how you go about shoring up these holes varies depending on the server virtualization technology you are running, the basic principles will always apply.
Key
considerations for securing virtual environments
The best way to start is by identifying the areas you absolutely need to know about. This article
breaks down the three most critical threats affecting virtual machine security, with details on how
to harden virtual environments at the operating system, application and network level.
Server
virtualization security is all about the little things
It's important to recognize that security practices for virtual and physical machines aren't all
that different; they just require a little tweaking. Knowing what the differences are will keep you
a step ahead of potential threats.
The
right tools for virtual machine security
Different virtual infrastructures require different software to protect them. Industry experts
offer some of their favorite tools for maintaining a secure virtual environment in this article, as
well as information on when and why to implement them.
Why
virtual machines put storage networks at risk
"I consider all VMs to be hostile to the virtual environment," writes IT consultant and author
Edward L. Haletky in this tip. Click in to read why he recommends keeping hypervisor storage
separate from that which can be directly accessed by your virtual machines.
Patch
management for virtual machines
Like with all Windows server environments, staying on top of patches and updates is a must for VMs.
This checklist helps you develop a rock-solid patch management strategy and an understanding of the
potential security benefits of a standalone Hyper-V Server 2008 R2 deployment.
Dealing with
compliance in the virtualized world
Server virtualization can present you with a compliance nightmare without the proper planning. With
new challenges involving network access control (NAC), for example, meeting compliance requirements
for virtualized infrastructures requires a different way of thinking.
Security
best practices for Microsoft Hyper-V installations
With the enhancements made to Hyper-V R2, the popularity of Microsoft's server virtualization
technology continues to rise in Windows environments. But since Hyper-V is built on the Windows
Server OS, it's also susceptible to many of the same security risks. Here you'll find some best
practices for securing Hyper-V from the get-go.
Managing
security permissions in Hyper-V environments
Of course, your work's not done once Hyper-V is installed. For Windows administrators, dealing with
permissions is an essential (if unglamorous) part of the job. This tip demonstrates how to
configure permissions on Hyper-V host servers and manage them after the fact.
Looking for more information securing your virtual machines? Visit SearchServerVirtualization.com.
This was first published in March 2010
Join the conversationComment
Share
Comments
Results
Contribute to the conversation