Alternatives for Securing Virtual Networks

Apr 03, 2009

View the "Alternatives for Securing Virtual Networks" white paper, which describes virtualization security threats and challenges with virtual networks and cloud computing. Add defense-in-depth security to your virtualized data center with Altor VF virtual firewall.

An increasingly large share of data center network traffic is occurring between VMs within a virtualization server - on the "virtual network" - yet VM and network administrators have minimal ability to see or control inter-VM communication. By default, every VM on the host can communicate directly with every other VM through a simple virtual switch, without any inter-VM traffic monitoring or policy-based inspection and filtering.

Inter-VM traffic on a host doesn't touch the physical network: it is invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, VMs are highly vulnerable to attack. For example, a buffer overflow attack on a vulnerable application can enable an attacker to run arbitrary code in a VM. With no packet inspection or filtering of virtual network traffic, the attacker can gain access to all other VMs resident on the host.