Menu
INTEROP - Virtual server sprawl highlights security concerns

INTEROP - Virtual server sprawl highlights security concerns

Ease of deploying virtual machines raises new risks

The relatively small amount of code in a hypervisor makes it somewhat resistant to malware. But a recently found flaw in VMware's desktop virtualisation software raises concerns about the safety of its server virtualisation technology, Lynch argued, saying he expects major hypervisor-based attacks this year. Gartner analyst Neil McDonald has said more than 60 per cent of virtual machines in production are less secure than their physical counterparts, Lynch noted.

IDC predicts that half of physical servers will be virtualized by 2011, Lynch said. So-called virtual appliances can be downloaded from VMware's Web site, and could ultimately become the most prevalent way to deploy software, Lynch said. But these appliances also raise new concerns. It's tough to know whether the virtual appliance downloaded over the Web actually comes from a trusted party, or whether updates come from a trusted source, Lynch said.

Virtualisation in general requires a new approach to security, but progress on this front is slow and full of roadblocks for enterprises who might be fooled by industry claims, Lynch contended.

IT has to watch out for security vendors that simply take an application, drop it into a virtual machine and claim it's now "virtualisation-aware," Lynch said.

Security could be built directly into the hypervisor, but hypervisor designers aren't necessarily security experts, Lynch said.

Some movement is afoot for security tools that are basically hypervisor plug-ins, he noted. IBM introduced an intrusion-prevention project related to virtualisation, and VMware in February released a set of APIs designed to give security vendors more visibility into the hypervisor.

This essentially gives more insight into the "black hole the hypervisor guys have created," Lynch said. But unless VMware is really selective about its APIs, new risks could be introduced, he said.

"There's no such thing as private APIs," Lynch said. "They're out and about pretty much as soon as they're announced."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

EDGE 2023

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.

WIICTA 2023

ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.

ARN Innovation Awards 2023

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

Show Comments