How server virtualization balances the advantages and disadvantages of Network Security

As an important part of systems and data centers, server virtualization is in a stage of rapid growth. However, server virtualization brings more vulnerabilities to the existing complex security environment. Is this true? Will server virtualization increase the company's risks? If the answer is yes, is the price compared with the obtained value worthwhile for us to choose to accept server virtualization?

Why choose server virtualization?

When Servers Based on Micro-Computer Technology begin to replace large hosts and become the core of the Business Information Processing System, the development of micro-computer technology lags far behind the current era. To ensure that users get the expected performance and reduce the risks caused by system incompatibility, Microsoft and other companies suggest installing a separate solution on each server. For data centers, although this method is effective, it means that hundreds of single-purpose servers exist.

As the number of servers increases, management becomes more and more difficult. In addition, due to the rapid development of hardware technology and the upgrading of servers, server resources in the data center are often not fully utilized. In this case, the emergence of server virtualization technology has become a matter of course.

At the beginning, the development of server virtualization technology was not fast, and it felt like walking freely in the park. However, over time, it has gradually become the core of many server solutions. According to William Hao from Foundstone, an information security risk management company, and rohao,:

The last [virtualization] industry summit attracted more than 10 thousand people and reached an agreement on applications of Java and Linux operating systems in a virtualized environment.

Server and desktop virtualization are no longer just a buzzword, but a real technology that can be used as a definite information technology for company users.

Virtualization Technology is chosen because it helps companies solve many common problems that occur when using servers, including:

Hardware sharing. Multiple virtual servers can share all resources from the same hardware platform to maximize the company's investment utilization.

This avoids compatibility issues with underlying hardware. Virtual Server technology allows users to establish a dedicated virtual server environment. In this way, the applications and operating systems of suppliers and commercial users do not have to worry about various problems due to hardware incompatibility during the deployment of a solution.

Security Logging. Virtual Management Software or virtual machine Manager (VMM) records the damage events that occur in the customer's virtual environment. Therefore, even if the logs in the virtual machine are damaged or modified, the logs in the Virtual Machine manager are still secure and will not be affected.

Enable servers using standard images. You can create a virtual server by setting and installing patches according to appropriate basic security standards and configuring the environment, in addition, the company can save the image as a standard image. It is enabled when you need to recover or create other servers of the same type (for example, email, database, file, and print.

Ensure that the operation business can be quickly recovered. If the hardware is damaged or the virtual server is on the machine, you only need to reconstruct the storage virtual image of the environment to quickly restore business operations. Since virtual machines are based on abstract hardware independence, a backup server can restore the Business Operation Systems on different hardware platforms without worrying about hardware compatibility issues.

Security Testing. For security management, establishing security rules for server and network operations is a considerable part of the work. Using a virtual server to test security rules is a good way to quickly create a virtual server, run the required test, and directly close the required data.

What are the risks of virtualization technology?

Like any other new technology, virtualization technology also requires us to change the way we manage the information infrastructure. As an IT manager, you should understand that using virtualization technology brings potential risks in three aspects: vulnerabilities and defects may occur when the number of extensions, basic network requirements change, and rollback is performed.

For Engineers, convenient deployment of virtual servers is both an advantage and a disadvantage. You need to purchase or select the idle part of the existing hardware device when deploying traditional servers. From the management point of view, this process is easy to control. However, virtualization technology has changed everything.

Today, engineers only need to select images to create virtual servers based on any virtualized hardware platform. They can easily do this without investing any money. This means that more servers need to be managed. The number of security analysts and auditors who need to monitor has also increased significantly.

Before configuring security and performance monitoring solutions, you must determine the basic requirements for ensuring network stability. However, the server time required to test the basic requirements may cause confusion. This includes the established basic requirements, which may lead to situations such as unreliable monitoring results.

Finally, when the virtual server rollback operation is performed using the virtual mirror image, the updated patch may be faulty, and the server return time may cause the patch to fail. For example, the server may return time before the security patch is released.

All these three risks are caused by changes in the server management mode. Adjusting management methods (that is, changing management policies and methods) is the first step to ensure virtualization security. To ensure security and reduce risks, the company must improve its management policies.

Now, let's take a look at some common types of vulnerabilities and how they attack the virtual environment.

Conceptual attacks, including Blue Pill, SubVirt, and Xensploit, have proved that virtual machines have unique security vulnerabilities. However, there have been no actual attacks. In addition, vendors of anti-malware tools are also trying to improve product performance to detect such infections. (McAfee's Total Protection virtualization solution includes this feature ). What is the bottom line of the problem? For virtualization technology, security knowledge and information are both effective. The key lies in proper design and control. Although the technology may be new, the basic principles of security protection will not change.

Conclusion

Therefore, is it worthwhile to choose virtualization technology? The answer is yes. The benefits of appropriately managed Virtualization Technologies are far greater than any imaginary or practical dangers. Specifically, appropriate management measures can minimize the additional risks brought by the technology, while improving business continuity and ROI brings significant benefits. Therefore, it is worthwhile to choose virtualization technology.

1. How to Use isolated exchange technology to build a data exchange network to ensure enterprise security
2. Microsoft virtualization deployment application and management process
3. The new generation of data center energy-saving means virtualization ranks first
4. 3G increases the pressure on Data Center resizing. Communication virtualization costs will rise.