Skip to main content

Security gets more attention as virtualization goes mainstream

The wave of hype around server virtualization technology has already receded as solution providers and their customers bury their heads in their SANs and work with mature and maturing technologies from VMware and several competitors.

Yet like a Pacific Ocean tsunami, the departure of the wave signals not a falling tide, but the building of a new and larger wave of hype and confusion about how the growing virtualization of server infrastructures impacts the security of the data center.

Virtualized servers are in many ways similar to physical servers, with each individual virtual or physical server requiring processor time, memory, I/O, and an operating system to run an application which does not care on which type of server it is found.

Yet the difference between having an application run on a dedicated piece of hardware or on one of several virtual servers sharing resources within a physical server is spurring a debate about the best way to protect the virtual world.

In one camp are those who say that virtual servers primarily need the same type of protection tools—anti-virus, anti-spam, firewall—as any physical server.

In the other camp are those, especially a host of startups and relatively unknown technology developers, who say that server virtualization brings its own potential areas for malware exploits requiring a new set of tools to handle security issues.


Link

Comments

  1. A lot of those working in virtual IT, particularly when they’re just starting their own businesses get lost in gadgetry and forget to pay attention to what their clients actually need to solve their problems. Working in virtual IT and being successful working with technology isn’t always about keeping up with the latest and greatest and getting your clients to use it in their businesses. I typically advise people to wait, because really most business clients – particularly SMB’s – are slightly behind the curve when it comes to technology, and to stay competitive and run efficiently, they’re not going to need the latest and greatest.
    I offer a variety of free tools for virtual IT consultants looking for tips at various stages of their businesses. I offer marketing advice along with sales tips and real strategies professionals can use for their businesses along with industry news.
    Thanks for the great blog post!

    ReplyDelete

Post a Comment

Popular posts from this blog

Security: VMware Workstation 6 vulnerability

vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus

Splunk that!

Saw this advert on Slashdot and went on to look for it and found the tour pretty neat to look at. Check out the demo too! So why would I need it? WHY NOT? I'd say. As an organization grows , new services, new data comes by, new logs start accumulating on the servers and it becomes increasingly difficult to look at all those logs, leave alone that you'd have time to read them and who cares about analysis as the time to look for those log files already makes your day, isn't it? Well a solution like this is a cool option to have your sysadmins/operators look at ONE PLACE and thus you don't have your administrators lurking around in your physical servers and *accidentally* messing up things there. Go ahead and give it a shot by downloading it and testing it. I'll give it a shot myself! Ok so I went ahead and installed it. Do this... [root@tarrydev Software]# ./splunk-Server-1.0.1-linux-installer.bin to install and this (if you screw up) [root@tarrydev Software]# /op

Virtualization is hot and sexy!

If this does not convince you to virtualize, believe me, nothing will :-) As you will hear these gorgeous women mention VMware, Akkori, Pano Logic, Microsoft and VKernel. They forgot to mention rackspace ;-) virtualization girl video I'm convinced, aren't you? Check out their site as well!