Putting the Laws into PracticeBy Baselinemag | Posted 2008-04-30 Email Print
Virtualization technology can deliver cost savings and improve IT performance, but it also introduces new security concerns. In this summary of a Burton Group report, security expert Pete Lindstrom examines the security considerations unique to virtualized IT environments.
Putting the Laws into Practice
The answer to the question of security rarely has an absolute value. Instead, it is a matter of degrees. For most enterprises, the decision is not whether to virtualize, because virtualization is here now. The decision involves determining where and when to apply controls that are sufficient in the environment based on risk tolerance. Ultimately, whether virtualization is bane or boon for security depends on how the systems are configured, deployed and managed.
To manage these new security concerns, it’s important to understand the underpinnings of today’s virtual systems.
The primary components of a virtual environment are:
- Virtual Machines and their accompanying guest operating systems: These are the core components of the virtual architecture.
- Virtual Machine Monitor (VMM): The software component responsible for managing interactions between the VM and the physical system.
- Hypervisor and/or host operating system: The software that handles kernel operations.
A virtualized environment consists of a VMM and one or more VMs. The VMs and VMM interact with either a hypervisor or a host operating system to access hardware, local I/O and networking resources. In addition to these components, virtualization architectures leverage virtual networking, virtual storage and terminal service capabilities to complete their architectures.
This minimum set of components makes up virtual environments in several distinct ways:
- Type 1 Virtual Environments are considered full virtualization environments and have VMs running on a hypervisor that interacts with the hardware.
- Type 2 Virtual Environments also are considered full virtualization environments, but work with a host operating system instead of a hypervisor (though sometimes the VMM is called a hypervisor).
- Paravirtualized environments make performance gains by eliminating some of the emulation that occurs in full virtualization environments.
- Other designations include hybrid virtual machines (HVMs) and hardware-assisted techniques.
From a security perspective, the most important thing to remember is that there is a more significant impact in a Type 2 environment where a host operating system with user applications and interfaces is running outside of a VM at a level lower than the other VMs. Because of the architecture, the Type 2 environment increases risk through its incorporation of potential attacks against the host operating system. For example, a laptop running VMware with a Linux VM on a Windows XP system inherits the attack surface of both operating systems, plus the virtualization code of the VMM.