Alternatives for Securing Virtual Networks

Authored on: Jan 13, 2012

View the "Alternatives for Securing Virtual Networks" white paper, which describes virtualization security threats and the challenges of virtual networks and cloud computing. Add defense-in-depth security to your virtualized data center with the Altor VF virtual firewall.

An increasingly large share of data center network traffic is occurring between VMs within a virtualization server - on the "virtual network" - yet VM and network administrators have minimal ability to see or control inter-VM communication. By default, every VM on the host can communicate directly with every other VM through a simple virtual switch, without any inter-VM traffic monitoring or policy-based inspection and filtering.

Inter-VM traffic on a host doesn't touch the physical network: it is invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, VMs are highly vulnerable to attack. For example, a buffer overflow attack on a vulnerable application can enable an attacker to run arbitrary code in a VM. With no packet inspection or filtering of virtual network traffic, the attacker can gain access to all other VMs resident on the host.