A Stark Reminder Of The Need For Virtual Security

A Stark Reminder Of The Need For Virtual Security

Now that the VENOM vulnerability has been dealt with, it’s time for technologists to seriously consider how ready they are for virtualization security.

Especially if you’re working in an organization with a significant investment in the cloud, this is one area you can’t afford to ignore any longer.

The VENOM vulnerability was discovered last May in an old string of code used in a majority of modern day virtualization hardware. The glitch allows an attacker to login to a virtual machine from the front door (e.g. buying space on AWS) and then “escape,” gaining code execution ability on the host, as well as any other VMs operating on that machine.

And while the threat was neutralized almost immediately with a series of patches, the story underlines a sad state of security in the virtualized world. As is the case with all major technological advances, security has lagged behind for years in the world of virtualized computing.

And it’s the IT department – not a lack of technology – that is to blame for the hold up.

[Read more…]

Mind the gap with security in your virtualized data center [Trend Micro]

Previously we gave a high level view of securing a virtual environment. We talked about security gaps in the post and one of the biggest gaps is the lack of visibility between virtual machines on the same server.

In a physical world, you have a network based Firewall and possibly a Unified Threat Management device securing the physical gateway into your network. What happens when you go virtual and the traffic doesn’t leave the physical host? Your Network IDS/IPS is rendered useless as it’s blind to interVM traffic.

Ok, so let’s put an AV client on each virtual machine, that should help right? [Read more…]

Easily manage data protection and recovery in virtual environments [IBM]

data reduce virtual environment

“Virtualized servers,” STORAGE Magazine reported in its December 2010 issue, “have been a boon to the systems side of the house, but a bane for storage managers.”

That’s because, while virtualization has transformed the way data centres and remote offices are managed, reducing floor space, driving up utilization metrics, and enabling new levels of service management and operational flexibility, the one measure that has not been reduced is the amount of data that’s created and managed. It continues to grow and grow and grow. [Read more…]