In a recent InformationWeek poll, 70% of respondents report they're running at least one virtualized server, yet less than 12% have a security strategy tailored to their virtual environment. Given the relative nascence of virtualization offerings for the x86 platform, this doesn't come as a shock, but that also doesn't mean it's acceptable. Of those without a security plan in place, almost half believe that virtual machines are as secure as traditional servers, while another 18% admit they don't know whether virtualization changes the rules of the game for security (see chart below of responses filtered for "no plan in place").
There's little doubt that virtualization is an important and disruptive technology that will, in a relatively short period, change the face of the data center. Because virtualization is so disruptive, it also will clearly change the rules for how enterprises secure their data and their computing infrastructure. And, while we don't believe that virtualization should remain off limits until a security strategy is fully nailed down, smart organizations will develop security and management strategies as they develop deployment plans for virtualization.
New threats to security come on two fronts. The first and most obvious is the additional software footprint represented by virtualization. On the desktop, virtualization is often implemented as an "application" that runs as a process under a desktop operating system, like Windows. For servers, hypervisors have emerged as the preferred method for introducing a hardware virtualization layer between the "bare metal" hardware and general-purpose operating systems.
As such, hypervisors represent a relatively slim attack vector as they're often implemented in less than 100,000 lines of code. When compared with the millions of lines that make up a general-purpose operating system, creating a bulletproof hypervisor is a more realistic goal, but flaws will still exist, and exploits will be created. All the major players report that building a secure hypervisor is a top priority. VMware's CTO, Mendel Rosenblum, goes so far as to boast that no security holes will show up in VMware's ESX product because of design flaws--of course, that leaves open the possibility of implementation errors. Unfortunately, the enterprise is left with little other than vendor assurances to work with. While tools exist to detect rootkits and other compromises on conventional operating systems, no tools exist to detect their presence in the hypervisor.