Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2009 Pittsburgh Supercomputing Center Server Virtualization and Security Kevin Sullivan Copyright Kevin Sullivan, Pittsburgh Supercomputing.

Published byVanessa Wood Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2009 Pittsburgh Supercomputing Center Server Virtualization and Security Kevin Sullivan Copyright Kevin Sullivan, Pittsburgh Supercomputing."— Presentation transcript:

1 © 2009 Pittsburgh Supercomputing Center Server Virtualization and Security Kevin Sullivan ksulliva@psc.edu Copyright Kevin Sullivan, Pittsburgh Supercomputing Center 2009. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author

2 © 2009 Pittsburgh Supercomputing Center –Full Virtualization vs Paravirtualization –Major products Xen VMware Hyper-V –Virtualization is new Security is not well understood, yet. Virtualization overview

3 © 2009 Pittsburgh Supercomputing Center Hardware Kernel App Hardware Kernel App Hypervisor Kernel App Virtualization Diagram Non-virtual Virtual

4 © 2009 Pittsburgh Supercomputing Center Virtualization is GOOD for security Run one service per (virtual) server Easily test updates Rebuild compromised machines quickly Manage lots of machines

5 © 2009 Pittsburgh Supercomputing Center Virtualization is BAD for security More attack surfaces Information leakage DOSs can spread New, rapidly developing field

6 © 2009 Pittsburgh Supercomputing Center VM control Who allocates VMs and resources Who can manage a VM VM Sprawl

7 © 2009 Pittsburgh Supercomputing Center New attack vectors Hypervisor vulnerabilities: plan for them Shared hardware Shared networks

8 © 2009 Pittsburgh Supercomputing Center Appropriate Separation Physical > virtual > process Group services with similar security properties

9 © 2009 Pittsburgh Supercomputing Center Virtualization for a better tomorrow Security updates: test, deploy, roll back Standardized OS configurations Add redundancy

10 © 2009 Pittsburgh Supercomputing Center Discussion How do you manage your virtual infrastructure? What are the dangers? How can we mitigate those dangers?

Download ppt "© 2009 Pittsburgh Supercomputing Center Server Virtualization and Security Kevin Sullivan Copyright Kevin Sullivan, Pittsburgh Supercomputing."

Similar presentations

Virtualization: The Good, The Bad, and The Ugly S. Keshav University of Waterloo January 14th, 2010 Mysore Cloud Workshop.

Virtualization: The Good, The Bad, and The Ugly S. Keshav University of Waterloo January 14th, 2010 Mysore Cloud Workshop.
Computer Laboratory Virtualizing the Data Center with Xen Steve Hand University of Cambridge and XenSource.

Computer Laboratory Virtualizing the Data Center with Xen Steve Hand University of Cambridge and XenSource.
Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.

Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.
Save Time, Money, and Energy by Virtualizing Your Environment Mica Lyman and Shawn Harpe Oklahoma State University Copyright Mica Lyman, Shawn Harpe 2007.

Save Time, Money, and Energy by Virtualizing Your Environment Mica Lyman and Shawn Harpe Oklahoma State University Copyright Mica Lyman, Shawn Harpe 2007.
CHECK 2012 Bridging the Gap for Mobile Devices: Eager Adoption v. Practical Support Emporia State University The Faculty & Staff Support Perspective Cory.

CHECK 2012 Bridging the Gap for Mobile Devices: Eager Adoption v. Practical Support Emporia State University The Faculty & Staff Support Perspective Cory.
What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.
Intellectual Property Statement Copyright Timothy Antonowicz, 2006. This work is the intellectual property of the author. Permission is granted for this.

Intellectual Property Statement Copyright Timothy Antonowicz, This work is the intellectual property of the author. Permission is granted for this.
© Copyright Computer Lab Solutions 2006. All rights reserved. Do you need usage information about your computer labs? Copyright Computer Lab Solutions.

© Copyright Computer Lab Solutions All rights reserved. Do you need usage information about your computer labs? Copyright Computer Lab Solutions.
Copyright Sylvia Maxwell and Michael White, 2007. This work is the intellectual property of the author. Permission is granted for this material to be shared.

Copyright Sylvia Maxwell and Michael White, This work is the intellectual property of the author. Permission is granted for this material to be shared.
Copyright Brian T. Huntley and Tim Antonowicz 2007 This work is the intellectual property of the authors. Permission is granted for this material to be.

Copyright Brian T. Huntley and Tim Antonowicz 2007 This work is the intellectual property of the authors. Permission is granted for this material to be.
Xen , Linux Vserver , Planet Lab

Xen , Linux Vserver , Planet Lab
Educause Security 2007ISC Information Security Copyright Joshua Beeman, 2007. This work is the intellectual property of the author. Permission is granted.

Educause Security 2007ISC Information Security Copyright Joshua Beeman, This work is the intellectual property of the author. Permission is granted.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice In search of a virtual yardstick:

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice In search of a virtual yardstick:
Server Virtualization Gina Myers. Definition Creating virtual machines (VMs) “VMs are software entities that emulate a real machine’s functionality” ◦

Server Virtualization Gina Myers. Definition Creating virtual machines (VMs) “VMs are software entities that emulate a real machine’s functionality” ◦
Intro to Virtualization Andrew Hamilton TJ IT Technician.

Intro to Virtualization Andrew Hamilton TJ IT Technician.
Copyright Anthony K. Holden, 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Anthony K. Holden, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Information Technology Career Ladder Clayton College & State University Larry Booth, IT Department Head Copyright Larry Booth,

Information Technology Career Ladder Clayton College & State University Larry Booth, IT Department Head Copyright Larry Booth,
Virtual Machines. Virtualization Virtualization deals with “extending or replacing an existing interface so as to mimic the behavior of another system”

Virtual Machines. Virtualization Virtualization deals with “extending or replacing an existing interface so as to mimic the behavior of another system”
Jeff McKinney Exchange to Mirapoint Migration January 11, 2006 Securing Email: Exchange to Mirapoint Jeff McKinney University of Maryland Dept of Electrical.

Jeff McKinney Exchange to Mirapoint Migration January 11, 2006 Securing Exchange to Mirapoint Jeff McKinney University of Maryland Dept of Electrical.
Presenter: Tyson Seburn Copyright ENGLISH CENTRAL, 2009. This work is the intellectual property of the author. Permission is granted for this material.

Presenter: Tyson Seburn Copyright ENGLISH CENTRAL, This work is the intellectual property of the author. Permission is granted for this material.

Similar presentations

Ads by Google