Virtualization and Security
Many organizations think about the security implications only after they deploy new technology. Virtualization provides many benefits, which makes it an easy sell into IT architectures. Virtualization can save money, increase business efficiency, decrease downtime during maintenance without affecting the business or causing disruptions, and do more work with less equipment. Of course, there are many ways to implement virtualization in IT sectors: network virtualization, storage virtualization, server virtualization and desktop virtualization. Each type may contain some sort of security risk. There are many solutions for each virtualization type. The important thing is that virtualization can improve security, but it does not have the capability to prevent all attacks.
Virtualization can be used in many ways and requires appropriate security controls in each situation. This article will explore the ways you can use virtualization to increase the security of your Windows environment.
The following are a few ways to minimize risks and improve security using virtualization:
Sandboxing
Sandboxing is a security mechanism for separating running programs that is often used to execute untested code or programs from unverified third parties, suppliers and websites. The main goal of sandboxing is to improve virtualization security by isolating an application to protect it from outside malware, harmful viruses, applications that stop execution, etc. If you have any application that is unstable or untested, simply put it in a virtual machine so that it does not affect the rest of the system.
Sometimes your application may be attacked while it is running in a browser, so it is always a good practice to run your programs on a virtual machine. Sandbox technology is closely related to virtualization. Virtual computing offers some of the benefits of sandboxes without having to pay premium prices for a new machine. The virtual machine has a connection to the Internet, not to the company LAN, so it protects the operating system and programs from viruses or harmful attacks on the virtual machine.
Server Virtualization
Server virtualization is the masking of server resources, which helps in partitioning the physical server into smaller virtual servers to maximize resources. The administrator divides the physical server into multiple virtual environments. These days, official records are often stolen from servers by hackers. Server virtualization allows small virtual servers to run their own operating systems and reboot independently of one another. Virtualized servers are used to identify and isolate applications that are unstable, as well as compromised applications.
This type of virtualization is mostly used in Web servers, which provide low-cost Web-hosting services. Server utilization manages complicated details of server resources while increasing utilization rates and maintaining capacity. A virtualized server makes it easier to detect malicious viruses or damaging elements while protecting the server, virtual machines and the entire network.
The benefit of using server virtualization is that it creates a hardware abstraction layer between the x86 hardware and the operating system. It also reduces the density of virtual servers to physical server hardware. Server virtualization creates an image of a server, which makes it easy to determine whether the server is acting abnormally.
Network Virtualization
Network virtualization is the combination of hardware and software network resources, and it combines network functionality into a single virtual network. With network virtualization, virtual networks minimize the effect of malware when it infects the system. Network virtualization creates logical virtual networks from underlying network hardware to better integrate with virtual environments.
An important feature of network virtualization is isolation. It allows the dynamic composition of multiple virtual networks that co-exist in isolation to deploy customized end-to-end services on the fly. They are managed on those virtual networks for the users by sharing and using network resources gained from infrastructure providers.
Another main feature of network virtualization is segmentation, in which the network is divided into sub-networks, a process that leads to boosting performance by minimizing local traffic in the network and improving security by making the internal network structure invisible from the outside. Network virtualization is also used to create a virtualized infrastructure to support complex requirements by creating single instances of software applications serving multiple customers.
Hypervisor Security
The term hypervisor means small software or hardware that creates and runs virtual machines. The machine that contains the hypervisor is called a host machine. Hypervisor security enables virtualization by using the hypervisor, including development, implementation, provisioning and management. (Learn more in Virtualization Security: Tips to Prevent VM Hyper Jumping.)
There are some key security recommendations for hypervisors:
- Install the hypervisor updates released by the vendor. Most hypervisors will have automatic updating of software and will install updates when found.
- Use thin hypervisors, which make deployment easy and run efficiently with minimal computing overhead. They also reduce the chance of attack by malicious code that could reach the hypervisor.
- Don’t connect unused physical hardware to the host system, or unused NICs to any network. Sometimes disk drives are used to back up data, so unused devices should be disconnected when they are not actively being used for backup.
- If you don’t need a file sharing service or any other service between the guest OS and the host OS, disable it.
- There must be security between guest operating systems in order for them to communicate. Non-virtualized environments should be handled by security controls such as firewalls, network appliances, etc.
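
Several of these recommendations can be checked mechanically against a virtual machine's definition. The following is an added example, not code from this article: it assumes the hypervisor is managed through libvirt and audits a constructed domain XML (the VM name, network names and paths are made up) for empty removable drives, NICs that are down but still attached, and guest/host sharing channels.

```python
import xml.etree.ElementTree as ET

# Constructed sample libvirt domain definition (not from the article).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>win-app01</name>
  <devices>
    <disk type='file' device='cdrom'><target dev='sda' bus='sata'/></disk>
    <interface type='network'><source network='prod'/></interface>
    <interface type='network'>
      <source network='backup'/><link state='down'/>
    </interface>
    <filesystem type='mount'>
      <source dir='/srv/share'/><target dir='hostshare'/>
    </filesystem>
    <graphics type='spice'><clipboard copypaste='yes'/></graphics>
  </devices>
</domain>
"""

def audit_domain(xml_text):
    """Return sorted findings for one libvirt domain definition."""
    devices = ET.fromstring(xml_text).find("devices")
    findings = []
    if devices is None:
        return findings
    # Unused hardware: a cdrom/floppy drive with no <source> has no media.
    for disk in devices.findall("disk"):
        if disk.get("device") in ("cdrom", "floppy") and disk.find("source") is None:
            findings.append("empty %s drive attached" % disk.get("device"))
    # Unused NICs: link set down but the adapter is still wired to a network.
    for nic in devices.findall("interface"):
        link, src = nic.find("link"), nic.find("source")
        if link is not None and link.get("state") == "down":
            net = (src.get("network") or src.get("bridge")) if src is not None else None
            findings.append("unused NIC attached to %s" % (net or "unknown network"))
    # Guest/host sharing: host directory passthrough and SPICE clipboard,
    # which libvirt enables unless copypaste='no' is set.
    for fs in devices.findall("filesystem"):
        src = fs.find("source")
        findings.append("host path shared: %s" % (src.get("dir") if src is not None else "?"))
    for gfx in devices.findall("graphics[@type='spice']"):
        clip = gfx.find("clipboard")
        if clip is None or clip.get("copypaste") != "no":
            findings.append("SPICE clipboard sharing enabled")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_domain(SAMPLE_DOMAIN_XML):
        print(finding)
```

On a libvirt host the same function can be run over the output of `virsh dumpxml` for each guest; an empty result means none of the checked items were found, not that the guest is otherwise hardened.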
Desktop Virtualization
Desktop virtualization allows for the creation, modification or deletion of images and separates the desktop environment from the physical computer that is used to access it. An administrator can easily manage employees’ computers and protect them from unauthorized access or the introduction of viruses. It provides more security to the user by providing a guest OS image for the desktop environment and it doesn’t allow copying or saving of data to a disk other than the server, making desktop virtualization a more secure option for networking.
Infrastructure Security
A virtualized information infrastructure allows controlling access to resources and maintains visibility to ensure proper information handling. All activities within the computing environment need to be tracked through the infrastructure.
Virtual Switches
A virtual switch is a software program that provides security by using isolation, control and content inspection techniques between virtual machines and allows one virtual machine to communicate with another.
It does not allow the execution of inter-switch link attacks. The main purpose of a virtual switch is to provide network connectivity for communication between virtual machines and applications within the virtual network and the physical network.