VMware's VMsafe program is bringing more security options to the world of server virtualization.
Server virtualization is sweeping the data center, but the cold, hard truth is that few of these initiatives have incorporated security during design, testing, or deployment. That's a problem, because you can't just transfer traditional security policies and practices used in the physical world.
Physical-world security is often tied to "physical" attributes--such as MAC addresses, server identities, and IP addresses--that aren't relevant in the fluid world of virtual machines. To make matters worse, security pros and VM admins alike can find themselves sniping from opposing camps rather than working together to design and implement an efficient, secure virtualization infrastructure.
Meanwhile, hypervisors and the virtualization layer eventually will be compromised. Despite the best efforts of PR teams to convince us otherwise, hypervisors aren't magical constructs. They're just software, and no code is free of errors or vulnerabilities.
Organizations also may introduce their own vulnerabilities. Virtual machines can communicate with one another on the same physical host without that traffic ever passing through--or being inspected by--firewalls and intrusion-detection systems. If an attacker compromises one VM, he can use it as a base of operations to probe and invade others on the same server without the security or operations team ever knowing.
The danger is inadvertently putting sensitive or regulated data at risk: An administrator might reconfigure host network interface cards for performance reasons and end up placing a customer database and Web-facing server on the same card. Automated VM transfers, in which a virtual machine hops from one physical server to another, may violate security policies or compliance rules if a VM moves outside a secure domain. A virtual instance of a Web server that was deployed for a quick test may sit, unpatched and unmonitored, on the same virtual LAN as critical production VMs, just waiting to be infiltrated by attackers.
That's a long list of issues for security professionals and virtualization administrators to tackle. The industry, recognizing that major security disruptions could choke the growth of virtualization, is taking steps to make virtual machines and inter-VM traffic more visible and better secured.
The most prominent effort comes from VMware, whose ESX hypervisors dominate the server virtualization market. The company announced the VMsafe program in spring 2008. VMsafe provides a set of APIs that vendors can use to extend security and monitoring capabilities into the virtual realm--or at least, into VMware's realm.
The VMsafe security APIs run at the hypervisor and machine monitoring layer, allowing security vendors to hook into all activity occurring in your virtualized world to monitor traffic, enforce policies, and watch for suspicious activities on the hypervisor and virtual machine guests. Arguably, VMsafe and APIs from other hypervisor vendors will, in the long run, allow insight and monitoring capabilities beyond what can be done with physical servers.