How to secure the new data center

Published 5 December 2007

Virtualization is disruptive, and it changes the rules for how companies secure — or, rather, ought to secure — their data and their computing infrastructure

In a recent InformationWeek poll, 70 percent of respondents report they are running at least one virtualized server, yet fewer than 12 percent have a security strategy tailored to their virtual environment. Given the relative nascence of virtualization offerings for the x86 platform, this should not come as a surprise, but this also does not mean it is acceptable. Of those without a security plan in place, almost half believe that virtual machines are as secure as traditional servers, while another 18 percent admit they do not know whether virtualization changes the rules of the game for security. Joe Hernick’s analysis, as summarizd by Art Wittmann in InformationWeek, argues that there is little doubt that virtualization is an important and disruptive technology which will, in a relatively short period, change the face of the data center. Because virtualization is so disruptive, it also will clearly change the rules for how enterprises secure their data and their computing infrastructure. Hernick says he does not believe that virtualization should remain off limits until a security strategy is fully nailed down, but smart organizations will develop security and management strategies as they develop deployment plans for virtualization.

New threats to security come on two fronts. The first and most obvious is the additional software footprint represented by virtualization. On the desktop, virtualization is often implemented as an “application” which runs as a process under a desktop operating system, like Windows. For servers, hypervisors are now the preferred method for introducing a hardware virtualization layer between the “bare metal” hardware and general-purpose operating systems. As such, hypervisors represent a relatively slim attack vector as they are often implemented in fewer than 100,000 lines of code. When compared with the millions of lines which make up a general-purpose operating system, creating a bulletproof hypervisor is a more realistic goal, but flaws will still exist, and exploits will be created. All the major players report that building a secure hypervisor is a top priority. Palo Alto, California-based VMware’s CTO Mendel Rosenblum goes so far as to boast that no security holes will show up in VMware’s ESX product because of design flaws—of course, that leaves open the possibility of implementation errors. Unfortunately, though, the enterprise is left with little other than vendor assurances to work with. Tools exist to detect rootkits and other compromises on conventional operating systems, but no tools exist to detect