This article can learn: virtualization Defects
With the continuous development of virtualization technology, many organizations face attractive reasons for implementing virtualization, such as server integration, faster hardware, simple use, and flexible Snapshot technology. This makes virtualization more eye-catching. In some organizations, virtualization has become an important part of their architecture. Here, the technology is again at the forefront of the best security method. With the organization's emphasis on disaster recovery and business continuity, especially in the financial sector, virtual environments are becoming increasingly common. We should pay attention to the hidden worries behind such prosperity.
Defects in using a virtualized environment
1. If the host is damaged, the client server managed by the main host may be cracked.
2. If the virtual network is damaged, the client will also be damaged.
3. Ensure the security of client and host sharing, because these sharing can be exploited by attackers.
4. If there is a problem with the host, all virtual machines will have problems.
5. virtual machines are considered as second-level hosts, which have similar features and run in a similar way as physical machines. In the next few years, the difference between virtual machines and physical machines will gradually decrease.
6. When it comes to the virtual field, the least privileged technology has not been paid due attention or even forgotten. This technology can reduce the attack surface and should be used in physical and similar virtualization environments.
Measures to ensure the security of the virtual server environment
1. Upgrade your operating system and applications on all virtual machines and hosts. Host applications should be few and only the required programs should be installed.
2. Use firewalls to isolate and protect different virtual machines and ensure that only licensed protocols can be processed.
3. Isolate each virtual machine from other virtual machines and hosts. Isolate all aspects as much as possible.
4. Install and update the anti-virus mechanism on all hosts and virtual machines, because virtual machines are as vulnerable to viruses and worms as physical machines.
5. Use IPSEC or Enhanced encryption between the host and the VM, because the communication between the VM and the VM may be sniffed and damaged. Although manufacturers are trying to change this situation, it is still a real threat when I finish this article. Enterprises still need the best way to encrypt communications between machines.
6. Do not browse the Internet from the host. The infection caused by spyware and malware may still harm the host. Remember, when the host manages virtual machines, problems that occur on the virtual machines can lead to serious problems, potential "downtime", and service loss.
7. Protect the security of administrators and administrators on hosts. Unauthorized access to privileged accounts can cause serious security damage. The investigation found that the Administrator (Root) account on the host is not as secure as the account on the virtual machine. Remember, your security is determined by the weakest logon point.
8. Strengthen the host operating system and terminate and disable unnecessary services. Keeping the operating system streamlined can reduce the chances of being attacked.
9. Disable unused virtual machines. If you do not need a virtual machine, do not run it.
10. Integrate virtual machines into enterprise security policies.
11. Ensure host security and prevent unauthorized users from damaging virtual machine files when the virtual machine is offline.
12. adopt solutions that can isolate Virtual Machine management programs. These systems can further isolate and better ensure the security of the virtual environment.
13. Make sure that the host driver is updated and upgraded. This will ensure that your hardware runs at the optimal speed, and software updates can greatly reduce the chance of exploits and DoS attacks.
14. Disable unused ports in the virtual machine. If the virtual machine environment does not use port technology, disable it.
15. Monitors Event Logs and security events on hosts and virtual hosts. These logs should be properly stored for future security audits.
16. Restrict and reduce the sharing of hardware resources. In a sense, security and hardware resources are shared, just like a fish and a bear's paw. When resources are shared by virtual machines in turn, in addition to data leakage, denial of service attacks are also common.
17. Whenever possible, ensure that the network interface card is dedicated to each virtual machine. This reduces the problem of resource sharing and isolates the communication between virtual machines.
18. Investing in hardware that meets specific purposes and supports virtual machines. Hardware that does not support virtual machines may cause potential security problems.
19. A partition can generate a disk boundary. It can be used to detach each virtual machine and ensure security in its dedicated partition. If a virtual machine exceeds the normal limit, the dedicated partition will limit its impact on other virtual machines.
20. Ensure that virtual machines cannot connect to each other without interconnectivity. We have already mentioned the importance of network isolation. To communicate between virtual machines, you can use an independent network interface card on different network addresses, which is much safer than pushing the communication between virtual machines directly to the exposed network.
21. NAC is moving towards virtual machines, especially for Virtual Machine server-based devices. If this is a feature that can be enabled, the correct implementation of NAC will bring you more long-term security.
22. Strict management of remote access to virtual machines, especially hosts, reduces the possibility of exposure.
23. Remember that the host represents a single failure point, and backup and continuity requirements can help reduce this risk.
24. Avoid sharing IP addresses. This is a typical instance of problems and vulnerabilities caused by sharing resources.
The industry has begun to realize that virtualization security is not as simple as physical security. This technology brings new challenges to be addressed.
Conclusion
Virtualization security is a necessary investment. If a company thinks its cost is too high, the author suggests that it should not adopt virtualization, but insist on using physical machines, but the latter also needs security protection.