Security Issues with Virtual Servers

Many data centers are converting their servers from physical to virtual. It just makes sense. It is much cheaper and easier to run virtual servers, as one physical box can run many virtual server instances. When these virtual servers are connected to a Storage Area Network (SAN), individual virtual servers can be moved transparently from physical server to physical server with little to no downtime.

If a virtual server crashes, it is much easier to rebuild from a virtual server template than installing from scratch. And you can manage and remote into each virtual server from a virtual server console. As you can see there are many advantages to moving from physical to virtual servers.

So what is the down fall? Security.

If the main box is compromised, the virtual servers could be accessed. At a recent Black Hat conference it was demonstrated that a flaw in a virtual server video driver could give access to the physical server. And a plug-in on the Browser Exploitation Framework (BeEF) will detect if the target server is running in a virtual session. The virtual servers are only as secure as the physical server.

A recent article on GCN covers additional security issues with virtual servers:

“One of the major causes of this issue is a lack of involvement of the IT security team in the architecture and planning stages of development, Gartner said. About 40 percent of the surveyed organizations had not brought security professionals into the projects…”

For more information on security issues see GCN.com 

~ by D. Dieterle on March 22, 2010.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: