The Laws of Virtualization Security - Security Benefits of Virtualization
Security Benefits of Virtualization

There is growing confusion and debate about the net positive and negative
security aspects of virtual environments. On one side is the notion of
isolating resources into purpose-built virtual machines that limit the
consequences of attacks. On the other side are researchers who exploit the
technology and abuse its functionality to demonstrate significant risks.

Shared content and resources are the bane of the security professional’s
existence—most of whose time is spent collecting and logically categorizing,
grouping and then separating resources. Sometimes this grouping is done by
business units and sometimes by other means, such as the classification of the
content.

A virtual environment can provide a means for separation of program resources
and content that enhances security. Shared resources also share risk at the
aggregate level. Separating resources and content allows for stronger
protection of higher-risk resources and reduces the overall impact of a
compromise. A number of valuable use cases might come out of this. For example:

· A single application or set of applications could be run in a virtual
  machine guest (or compartment) separate from all other applications.
· A consultant working for two different companies could do work for each
  client in a separate virtual machine.
· Someone working on a personal computer could use one virtual machine for
  business activities and another for personal finances and homework.

User behavior can vary widely across a spectrum from strong risk tolerance to
strong risk aversion. This behavior can change in a matter of minutes.
Obviously, this creates a problem whereby the risk-tolerant behavior impacts
the risk-averse requirements. An isolated temporary environment can provide a
way to allow risk-tolerant behavior without significantly impacting the
risk-sensitive resources.

One technique for virtual environments involves creating a “sandbox” virtual
machine and using it for risky activities. Assuming the content being created
and the changes being made are insignificant in the long term, then a user can
“turn back time” to a point where the virtual machine was known good—typically
reverting to the standard image. The obvious use for such a configuration is
for shared systems like training systems and kiosks to allow for maximum
flexibility on the user side without creating any long-term damage.

The sandbox scenario also provides an obvious case where streamlined
recoverability is useful. In fact, the more frequent the reversion to a
known-good state, the lower the potential for harmful consequences.
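
The sandbox reversion described above can be scripted so that it runs at every
logout or on a timer. The following is an added example, not part of the
original article: it assumes a libvirt host managed with virsh, and the guest
and snapshot names are hypothetical placeholders.

```shell
#!/usr/bin/env bash
# Added example: revert a "sandbox" guest to its known-good snapshot.
# Assumption: the hypervisor is managed through libvirt's virsh CLI.
# Usage (names are hypothetical): ./revert.sh kiosk01 known-good

VIRSH="${VIRSH:-virsh}"   # overridable so the logic can be exercised without libvirt

# Succeed only if snapshot $2 exists for domain $1 (exact, whole-line match).
snapshot_exists() {
    "$VIRSH" snapshot-list "$1" --name 2>/dev/null | grep -Fxq -- "$2"
}

# Revert domain $1 to snapshot $2 and leave the guest running.
# Returns 2 if the baseline snapshot is missing, 3 if the revert fails or the
# guest is not running afterwards.
revert_to_known_good() {
    local dom="$1" snap="$2"

    # Refuse to act without a baseline: a missing snapshot means there is no
    # known-good state to return to, which an operator needs to hear about.
    if ! snapshot_exists "$dom" "$snap"; then
        echo "refusing: $dom has no snapshot named $snap" >&2
        return 2
    fi

    # Discard everything done in the session and resume from the baseline.
    "$VIRSH" snapshot-revert "$dom" "$snap" --running >/dev/null || return 3

    # Verify the outcome instead of trusting the exit code alone.
    if [ "$("$VIRSH" domstate "$dom" 2>/dev/null)" != "running" ]; then
        echo "error: $dom is not running after revert" >&2
        return 3
    fi
    echo "reverted $dom to $snap"
}

# Act only when called with a domain and a snapshot name, for example from a
# logout hook or a scheduled job.
if [ "$#" -eq 2 ]; then
    revert_to_known_good "$1" "$2"
fi
```

Running it from a logout hook or a short timer shortens the interval between
reversions, which is the property the paragraph above relies on.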

Virtual machines can also be multiplied and distributed in many different ways.
This flexibility is a boon to disaster recovery specialists looking for ways to
increase availability. Maintaining replicated environments that are physically
separate and creating images that can be quickly recovered contributes to the
overall availability of the resources.