Putting Laws into PracticeBy Baselinemag | Posted 2008-01-25 Email Print
Putting the laws into practice
The answer to the question of security rarely has an absolute value. For most enterprises, the virtualization decision is about where and when to apply controls that are sufficient in the environment based on risk tolerance. Ultimately, whether virtualization is bane or boon for security depends on how the systems are configured, deployed, and managed.
To manage these new security concerns, it’s important to understand the underpinnings of today’s virtual systems.
The primary components of a virtual environment are:
· Virtual Machines (VMs) and their accompanying guest operating systems: Theses are the “core” components of the virtual architecture.
· Virtual Machine Monitor (VMM): The software component responsible for managing interactions between the VM and the physical system.
· Hypervisor and/or host operating systems: The software that handles kernel operations.
A virtualized environment consists of a VMM and one or more virtual machines. The VMs and VMM interact with either a hypervisor or a host operating system to access hardware, local I/O, and networking resources. In addition to these components, virtualization architectures leverage virtual networking, virtual storage, and terminal service capabilities to complete their architectures.
This minimum set of components comprises virtual environments in a few distinct ways:
· Type 1 virtual environments are considered “full virtualization” environments and have virtual machines running on a hypervisor that interacts with the hardware.
· Type 2 virtual environments are considered “full virtualization” as well, but work with a host operating system instead of hypervisor (though sometimes the VMM is called a hypervisor anyway).
· Paravirtualized environments make performance gains by eliminating some of the emulation that occurs in full-virtualization environments.
· Other designations include hybrid virtual machines (HVMs) and hardware-assisted techniques.
From a security perspective, a more significant risk profile exists in a Type 2 environment where a host operating system with user applications and interfaces is running outside of a virtual machine at a level lower than the other virtual machines. Because of the architecture, the Type 2 environment increases risk through its incorporation of potential attacks against the host operating system. For example, a laptop running VMware with a Linux virtual machine on a Windows XP system inherits the attack surface of both operating systems, plus the virtualization code of the VMM.