While VMware this week is holding its own VMworld party in Las Vegas, attendees at Interop New York were told about the potential security risks of virtual environments, not the least of which are people.
Virtualization today is ahead of compliance. If they get into the hypervisor, the game is over
At least for now, virtual servers, the hypervisors that oversee them, the management platforms that govern them and the IT staff that sets them up and runs them are all potential attack vectors, said Joshua Corman, principal security analyst for IBM/ISS. "Virtualization is a game changer for good and for bad," he said.
IT staffs under financial pressure to implement virtual servers may be overworked and lose the diligence to properly plan secure deployments Corman said. "Virtualization requires more discipline and enforcement of policies than before," he said.
Just as teams of server, network, security and application specialists typically oversee the deployment of traditional physical server farms, the same group should plan virtual rollouts, Corman said. But often, the security team is left out and server administrators may inherit the responsibility without the proper expertise. "Before there was a healthy balance of skill sets distributed well [among a variety of administrators]," he said.
This lack of balance generates unproductive finger pointing when things go awry and in some cases creates grabs for power as IT staff recognizes a shift in how work is being distributed. In either case, security can suffer, Corman said.
Meanwhile, virtual technology presents weak spots for attackers to take advantage of, he said. "Virtualization will set you back on your risk posture," he said. In particular, virtual environments are a "management nightmare" where each virtual machine may spawn another that could appear virtually anywhere. This makes instances of servers hard to find, let alone protect, he said, and this "server sprawl" can lead to catastrophic failures.
Individual virtual machines, called guests, can fall into vulnerable configuration due to a feature of virtualization that suspends them when they are not used, Corman said. When the applications these guests host are needed, they are brought back online, but in the meantime may have missed critical security updates and are left open to exploits.
Once a guest is taken over, it can contend for the available processing power within the same hardware and cause bottlenecks for applications on the other guests within the physical machine, he said.