Securing a Virtualized Environment Stefano Alei Senior Systems Engineer.


1 Securing a Virtualized Environment Stefano Alei Senior Systems Engineer

2 Agenda: Security Trends; Fundamentals on Security; Security in a Virtualized Environment; Best Practices for Securing Virtual Machines; Benefit of the VMware Solutions

4 Security Trends IBM Source - January 2007

5 The Ten Most Important Security Trends (http://www.sans.org/resources/10_security_trends.pdf). Mobile Devices: 1. Laptop encryption will be made mandatory at many government agencies and other organizations that store customer/patient data and will be preinstalled on new equipment. 2. Theft of PDA smart phones will grow significantly. Government Action: 3. Congress and state governments will pass more legislation governing the protection of customer information. Attack Targets: 4. Targeted attacks will be more prevalent, in particular on government agencies. 5. Cell phone worms will infect at least 100,000 phones, jumping from phone to phone over wireless data networks. 6. Voice over IP (VoIP) systems will be the target of cyber attacks. SANS Source - Year 2006

6 The Ten Most Important Security Trends (http://www.sans.org/resources/10_security_trends.pdf). Attack Techniques: 7. Spyware will continue to be a huge and growing issue. 8. 0-day vulnerabilities will result in major outbreaks resulting in many thousands of PCs being infected worldwide. 9. The majority of bots will be bundled with rootkits. Defense Actions: 10. Network Access Control will become common and will grow in sophistication. As defending laptops becomes increasingly difficult, large organizations will try to protect their internal networks and users by testing computers that want to connect to the internal network. SANS Source - Year 2006

7 Agenda: Security Trends; Fundamentals on Security; Security in a Virtualized Environment; Best Practices for Securing Virtual Machines; Benefit of the VMware Solutions

8 The C.I.A. Triad. Security Objectives: Availability, Confidentiality, Integrity

9 Security Threats

10 An Integrated Approach. Administrative, technical, and physical controls should work in an integrated manner to protect a company's assets. Physical Controls: facility protection, security guards, locks, monitoring, intrusion detection. Technical Controls: access control, encryption, security devices, identification and authentication. Administrative Controls: policies, standards, guidelines, security-awareness training, screening personnel. At the center: Company Data and Assets

11 An Integrated Approach. Security must be an integral part of the company policy. Lack of planning and a lack of proper processes or procedures are the main reasons leading to problems!

12 An Integrated Approach: Security Management Practices; Access Controls; Telecommunications and Networks; Cryptography; Security Architecture; Operation Security; Applications and System Development; Business Continuity and Disaster Recovery; Physical Security

13 Security Management Practices Security Policy Implementation Security Policy Standards Baseline Procedures Roles and Responsibility Risk Management Security Awareness

14 Security Trends Access Controls DoS / DDoS Backdoor Spoofing Man-in-the-Middle Replay TCP Hijacking Social Engineering Dumpster Diving Brute Force Dictionary Attack Software Exploitation Trojan Virus System Scanning

15 Security Management Practices Telecommunications and Network Protocols Firewall IDS / IPS Wireless VoIP Network Attacks and Abuse Logon abuse Eavesdropping Network Intrusion Sessions Hijacking Fragmentation Attacks

16 Security Management Practices Cryptography Symmetric Asymmetric Public Key Infrastructures Julius Caesar

17 Security Trends Cryptography Symmetric Asymmetric Spoofing Man-in-the-Middle Replay TCP Hijacking Social Engineering Dumpster Diving Brute Force Dictionary Attack Software Exploitation Trojan Virus System Scanning

18 Agenda: Security Trends; Fundamentals on Security; Security in a Virtualized Environment; Best Practices for Securing Virtual Machines; Benefit of the VMware Solutions

19 A Virtualized Environment. A New Architecture. More Flexible: easier to deploy VMs and Virtual Appliances. More Powerful: easier to set up a server, configured as you need. Excellent for quick setup of an application through Virtual Appliances.

20 Potential Security Issues. A New Architecture: you have to face new potential security threats (VM mobility; VM tampering; patching; communications channels; etc.). The hypervisor layer is the equivalent of a new OS; potential for server sprawl (VM creation); unprecedented mobility (VMotion, etc.). More Flexible: easier to lose control. More Powerful: easier to overlook some actions that could become dangerous. Excellent for quick setup of an appliance through Virtual Appliances: you have to face the potential security threats related to VAs.

21 Agenda: Security Trends; Fundamentals on Security; Security in a Virtualized Environment; Best Practices for Securing Virtual Machines; Benefit of the VMware Solutions

22 Security Best Practices: VM Security During Planning, Installation and Configuration

23 Security Best Practices Virtual or physical, organizations need to pay attention to security, and the fact that infrastructure is virtual doesn't make it inherently less secure

24 Security Best Practices. Keep the host OS thin and hardened (Gartner). Bare-metal solution: ~1000 times less code than a regular OS. Favor hypervisor-based systems. Favor implementations in which the hypervisor is stored in firmware (VMvisor). The hypervisor and VMM provider must be able to support any hardware-based capabilities of the processor to prevent execution of code from areas of memory marked for data usage (NX/XD flag).

25 Security Best Practices. Use processors that natively support virtualization (Gartner). VMware supports it… but for performance reasons, not specifically for security. Virtualization theory states that virtualization does not enable anything that was not already possible with a physical machine.

26 Security Best Practices. Protect from resource Denial of Service: the Advanced Resource Management support of VI3 addresses exactly this potential threat. Enforce the principle of least privilege: by default, two VMs should never directly communicate with each other (including disk blocks or LAN resources) unless explicitly permitted. Transparent Memory Sharing, even if useful for resource optimization, can be disabled if security reasons require it.

27 Security Best Practices. Be wary of SW-based security appliances: Virtual Appliances are new, flexible and powerful tools in your hands. Always be careful when something is installed in your infrastructure. Do the same with virtual appliances! Avoid shared IP addresses: in VMware ESX it is the only way to set up IP addressing. Plan for dynamic IP addresses: VMware products never change the VM's IP or MAC address unless the user explicitly reconfigures it. VMotioned VMs retain their same IP and MAC as well.

28 Security Best Practices. Plan for portable security protection: the port group feature of VMware ESX Server provides the capability mentioned, namely, the ability to dynamically apply networking security policy as VMs migrate. Don't use internal VLAN capabilities as the sole means of separating workloads of different trust levels: this might be a valid recommendation for certain virtualization platforms, and certainly can be implemented easily on VMware Infrastructure.

29 VM Vulnerability and Configuration Management

30 Security Best Practices. Lock down and configure each VM as appropriate to the organization's standard guidelines for the OS being hosted: most security vulnerabilities occur through human error, misadministration and mismanagement, and VMs will be no exception. Baseline the correct virtual server configuration. All partitions must be patched: VMware is actively working on patching offline images. Keep the host OS and all guest OS partitions patched.

32 Security Best Practices. Regularly scan all partitions for vulnerabilities. Regularly scan for correct VMM and VM configuration. Don't overlook VM and application appliances. Deactivate hyperthreading for guest OSs.

33 VM Intrusion Prevention

34 Security Best Practices. Plan for a network firewall or an additional VM-based IPS protection if needed: VMware virtual machines communicate with each other via a network switch, just as with any physical server, so there is no reason for an increased rate of infection. Keep signatures, filters and rules updated for offline VMs: VMware is actively working on patching offline images. Protect invisible internal network traffic: place a "network-based IPS" inside of the server (a host-based network IPS that monitors internal virtual network traffic) to inspect this traffic.

35 Security Best Practices. Alarm on incorrect network configuration or information flows: use hashing to detect changes to configuration files. Protect VM images: apply strict access control to protect VM images. Protect online and offline VM configuration and policy files. Forbid MAC address changes by the guest and reject forged MAC address transmission. Detect (and potentially block) unauthorized VM management sessions.
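
Added example, not part of the original presentation: one way to apply the "hashing to detect configuration file changes" practice from slide 35. It records SHA-256 digests of VM configuration files, seals that baseline with an HMAC so the baseline itself is protected, and later reports modified, added and removed files. The function names, the `*.vmx` file pattern, the demo key and the sample files are assumptions constructed for illustration.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

def snapshot(root, pattern="*.vmx"):
    """Map relative path -> SHA-256 digest for each matching file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob(pattern))}

def seal(baseline, key):
    """Serialize the baseline and attach an HMAC so edits to it are detectable."""
    body = json.dumps(baseline, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"body": body, "tag": tag})

def unseal(sealed, key):
    """Return the baseline dict, or raise ValueError if the seal does not verify."""
    doc = json.loads(sealed)
    want = hmac.new(key, doc["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(want, doc["tag"]):
        raise ValueError("baseline has been altered or the key is wrong")
    return json.loads(doc["body"])

def compare(baseline, current):
    """Return sorted alarms as (kind, path): modified, added or removed files."""
    alarms = [("modified", p) for p in baseline
              if p in current and baseline[p] != current[p]]
    alarms += [("added", p) for p in current if p not in baseline]
    alarms += [("removed", p) for p in baseline if p not in current]
    return sorted(alarms)

def demo():
    """Constructed sample: three configs, then one edited, one deleted, one new."""
    key = b"constructed-demo-key"  # assumption: a real key lives off the host
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name in ("web01", "db01", "app01"):
            (root / f"{name}.vmx").write_text(f'displayName = "{name}"\n')
        sealed = seal(snapshot(root), key)
        (root / "web01.vmx").write_text('displayName = "web01"\nchanged = "1"\n')
        (root / "db01.vmx").unlink()
        (root / "rogue.vmx").write_text('displayName = "rogue"\n')
        return compare(unseal(sealed, key), snapshot(root))

if __name__ == "__main__":
    print(demo())
```

Storing the sealed baseline and its key away from the host being checked keeps someone who can edit the configuration files from also rewriting the baseline.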

36 Identity and Access Management

37 Security Best Practices. Don't let one person manage all the devices. Enforce Separation of Duties (SOD): SOD makes sure that one individual cannot complete a critical task by himself. Avoid having the same person manage both the hosts and the Virtual Machines. Use Role Based Access Control: RBAC is the model used in Virtual Center.

38 Security Best Practices. Minimize per-VM administrative accounts: it's difficult to control and audit permissions if they sprawl. Perform periodic permission reviews. Take extreme care of root privileges. Perform regular auditing. Analyze and protect log files. Use correlation tools and clipping levels. Implement VM life-cycle management.

39 Network Access Control

40 Security Best Practices. Network Access Control: access to enterprise network resources is granted based upon authentication of the user and device, and only if they are compliant with policy.

41 Security Best Practices. Modify the organization's NAC process and technologies to control VM access to the network. Very difficult to apply for NAT-based VMs: no solution is available on the market for NAT-based VMs. NAC technology can be fooled by MAC/IP moving: this does not happen in VMware infrastructure. Ensure VMs (and VMMs) that connect conform to policy. Favor VM creation using proven templates.

42 Security Best Practices. Don't let one person manage all the devices. Enforce Separation of Duties (SOD): SOD makes sure that one individual cannot complete a critical task by himself. Avoid having the same person manage both the hosts and the Virtual Machines. Use Role Based Access Control: RBAC is the model used in Virtual Center.

43 Business Continuity and Disaster Recovery

44 Security Best Practices. Disaster Recovery tries to minimize the effects of a disaster and take the necessary steps to ensure that the resources, personnel, and business processes are able to resume operation in a timely manner. A VMware virtualized environment greatly improves Disaster Recovery implementation.

45 Security Best Practices. Business Continuity planning provides methods and procedures for dealing with longer-term outages and disasters. A disaster recovery plan is carried out when everything is still in emergency mode. A business continuity plan (BCP) takes a broader approach to the problem.

46 Security Best Practices. Avoid any technical single point of failure: leverage HA functionality; implement a DRS solution so that resource-intensive workloads do not degrade the performance of single servers; implement a VCB solution to have information backups ready. Plan properly for dangerous events: natural disasters (flooding, earthquakes, hurricanes, fire, etc.); power failure (VMware is a Green Grid member); human behaviors (terrorist attacks, strikes, errors, theft, etc.).

47 Q & A

