Virtual servers are more secure than real servers. This is a common fallacy. Even the VMWare About Us web page states "Customers
rely on VMware to reduce capital and operating expenses, ensure business continuity, strengthen security and go green." I take issue with the phrase strengthen security and here is why. Security is reduced when servers are virtualized!
Most server virtualization products, like VMWare, are software and all software has bugs. VMWare ESX Server had vulnerability bugs summarized by Secunia in 17 security advisories in 2008 alone. The following graph categorizes the impact of those advisories.
Now assume your running virtual Window 2000 and Linux servers within your VMWare ESX environment. Windows Server 2000 suffered 30 security advisories during the year 2008. An attacker could leverage Windows Server 2000 vulnerabilities to compromise one of your virtual servers. They could subsequently escalate their success by indirectly attacking the adjacent virtual Linux servers by exploiting vulnerabilities within VMWare. Your Linux servers would perceive nothing wrong and continue to implicitly trust VMWare to their demise. Read this VMWare security announcement if you think this example is far fetched. I recommend you segregate your virtual servers by their level of exposure and security requirements to mitigate this scenario.
Even though I've picked on VMWare and virtual servers here, I am not implying you should avoid them. On the contrary, use them with full awareness of their strengths and weaknesses.
In addition to segregation, what other techniques do you use to securely deploy virtual servers? Let me know by posting a comment.![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=fa028d97-cb72-4a22-b93a-88899f80e958)
Now assume your running virtual Window 2000 and Linux servers within your VMWare ESX environment. Windows Server 2000 suffered 30 security advisories during the year 2008. An attacker could leverage Windows Server 2000 vulnerabilities to compromise one of your virtual servers. They could subsequently escalate their success by indirectly attacking the adjacent virtual Linux servers by exploiting vulnerabilities within VMWare. Your Linux servers would perceive nothing wrong and continue to implicitly trust VMWare to their demise. Read this VMWare security announcement if you think this example is far fetched. I recommend you segregate your virtual servers by their level of exposure and security requirements to mitigate this scenario.Even though I've picked on VMWare and virtual servers here, I am not implying you should avoid them. On the contrary, use them with full awareness of their strengths and weaknesses.
In addition to segregation, what other techniques do you use to securely deploy virtual servers? Let me know by posting a comment.
Leave a comment