It’s time we re-examine virtual security practices

It's time we re-examine virtual security practices

We’ve been hearing about the potential benefits of using a security solution designed specifically for virtual environments for a few years.

Unfortunately, many infosec departments continue to protect virtual environments with traditional, or legacy, approaches. While this is certainly a step in the right direction, something many see as “good enough,” the fact is traditional security doesn’t cut it, and exposes you to risk. To put a finer point on it, not adopting VM-focused solutions has the added impact of taking away those hard earned efficiency gains, promised by a virtual environment.

With more data centers in the cloud than ever, waiting around to address this problem is no longer feasible. Just look at what happened with the VENOM exploit — a vulnerability that put millions of virtual machines at risk — and you’ll see that hackers have started to attack these ubiquitous virtual machines in sophisticated new ways.

Now that virtualization has become the norm  it’s time we re-examined the need for better, virtual-specific modes of keeping your servers safe and secure.

[Read more…]

Mind the gap with security in your virtualized data center [Trend Micro]

Previously we gave a high level view of securing a virtual environment. We talked about security gaps in the post and one of the biggest gaps is the lack of visibility between virtual machines on the same server.

In a physical world, you have a network based Firewall and possibly a Unified Threat Management device securing the physical gateway into your network. What happens when you go virtual and the traffic doesn’t leave the physical host? Your Network IDS/IPS is rendered useless as it’s blind to interVM traffic.

Ok, so let’s put an AV client on each virtual machine, that should help right? [Read more…]