Previously we gave a high level view of securing a virtual environment. We talked about security gaps in the post and one of the biggest gaps is the lack of visibility between virtual machines on the same server.
In a physical world, you have a network based Firewall and possibly a Unified Threat Management device securing the physical gateway into your network. What happens when you go virtual and the traffic doesn’t leave the physical host? Your Network IDS/IPS is rendered useless as it’s blind to interVM traffic.
Ok, so let’s put an AV client on each virtual machine, that should help right? [Read more...]