By 2012 half of all the workloads run in corporate data centers will run on virtualized platforms — whether virtual servers or cloud platforms; by 2015, 40 percent of the security software controls inside corporate data centers will be fully virtualized, according to a November 2010 report from Gartner.
Basic security tools such as intrusion protection don’t work well with virtual machines because VMs are harder to define by geography, IP or MAC address, and it’s hard for external software to see or filter communications between VMs on a single physical server, notes Neil MacDonald, VP and Gartner Fellow, who co-wrote the report.
With most tools, it’s hard for IT to know how many of the VMs on a particular server even have all their patches up to date, Hochmuth says.
Here are some virtualization security questions to consider when making plans for your environment:
1. Is a slow server a safe server?
Just as in physical servers, adding security software adds to the workload, eats resources and lowers performance.
2. Should you even let the VMs talk to each other without encryption?
Virtualizing servers means more than just being able to cram several operating systems into one box; it means creating a network inside that box across which the VMs have to communicate with each other, applications running on other servers, and the Internet, according to Matt Sarrell, executive director of security test/analysis firm Sarrell Group.
3. Do you know who or what is asking for data?
Security policies linked to MAC or IP addresses don’t work well when the entities in question are virtual, according to Gary Chen, research manager for IDC’s Enterprise Virtualization Software group.
4. Are you scrutinizing the in-between spaces?
Running virtual servers means running an additional operating system — VMware’s (VMW) vSphere, Citrix’s XenServer or Microsoft’s (MSFT) Windows Server 2008 — that can be attacked by hackers or malware designed to recognize and respond to VMs or hypervisors, Chen says.