Skip to main content

Virtualization: Security concerns are here to stay

Unless ofcourse start considering the security as the "default" option when purchasing Virtualization software for your IT infrastructure. Adoption is getting quicker and don't forget to add security shields as standard installation with every virtualization installation.

Lamb says that his post isn't intended to smear VMware specifically, but rather to point out vulnerabilities in virtualization software in general. Virtualization allows enterprises to convert physical hardware, such as servers and desktop PCs, into software, which can then be consolidated onto a single machine, saving energy and hardware costs. But according to Lamb, that consolidation may also turn a business's IT infrastructure into a larger, more unified target for hackers.

"Instead of 30 discrete servers, now they're all on one physical machine. You could potentially compromise and own the whole system," he says.

In fact, Internet Security Systems released a vulnerability on Wednesday that could potentially be used to compromise several of VMware's products. The bug, found in VMware's Dynamic Host Configuration Protocol, (DHCP) could theoretically be exploited to allow hackers to access and run commands on not just the "guest" desktop PCs in a virtualization set-up, but also the physical server that hosts those machines.


Read on...

Comments

Popular posts from this blog

Get Vyatta Virtual Appliance, now VMware certified!

We all know Vyatta, don't we?

Vyatta, the leader in Linux-based networking, today announced that its open-source networking software has received VMware Virtual Appliance Certification, thereby providing customers with a solution that has been optimized for a production-ready VMware environment. The company also announced it has joined the VMware Technology Alliance Partner (TAP) Program. As a member of TAP, Vyatta will offer its solutions via the TAP program website. With the Vyatta virtual appliance for VMware environments, organizations can now include Vyatta’s router, firewall and VPN functions as part of their virtualized infrastructure.

Vyatta combines enterprise-class routing and security capabilities into an integrated, reliable and commercially supported software solution, delivering twice the performance of proprietary network solutions at half the price. Running Vyatta software as virtual appliances gives customers many more options for scaling their data centers and cons…

3PAR adds native LDAP support to simplify administration

3PAR®, the leading global provider of utility storage, announced today native support for lightweight directory access protocol (LDAP). Support for LDAP enables centralized user authentication and authorization using a standard protocol for managing access to IT resources. With 3PAR’s support for LDAP, customers are able to now integrate 3PAR Utility Storage--a simple, cost-efficient, and massively scalable storage platform—with standard, open enterprise directory services. The result is simplified security administration with centralized access control and identity management.

“3PAR Utility Storage already provides us with a reliable, shared, and easy-to-use consolidated storage platform,” said Burzin Engineer, Vice President of Infrastructure Services at Shopzilla. "Now, with 3PAR support for LDAP, managing security commonly--across all our resources, including storage--is also simple and efficient.”

Press Release

DeepLearningTrucker Part 1