Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Gartner: Virtualization Can Weaken Security

Let's catalog Gartner's observations first:
1. Virtualization software--such as hypervisors--represents a new layer of privileged software that will be attacked and must be protected.
2. The loss of separation of duties for administrative tasks, which can lead to a breakdown of defense in-depth.
3. Patching, signature updates, and protection from tampering for offline VM and VM "appliance" images.
4. Patching and secure confirmation management of VM appliances where the underlying OS and configuration are not accessible.

5. Limited visibility into the host OS and virtual network to find vulnerabilities and assess correct configuration.
6. Restricted view into inter-VM traffic for inspection by intrusion prevention systems (IPSs).
7. Mobile VMs will require security policy and settings to migrate with them.
8. Immature and incomplete security and management tools.

Their observations to fall into three categories:

1) Not new to virtualization (3,4--same as regular hardware appliances and other hotspare devices)
2) Useful, but obvious (1,7,8)
3) Only true if the admins aren't paying attention, or the architecture is poorly designed (2, 5, 6)

Incidentally, BlueLane--with their "virtual IPS"--has got to be ecstatic with No.6 since they're the only vendors marketed squarely at that space right now.
Jordan Wiens
NWC Contributing Technology Editor

  • 1