
1 Virtualisation – Security’s Friend or Foe?
© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

2 “Virtualisation is set to consign traditional hardware appliances to the dustbin of computing history” – Roger Howorth, IT Week, http://www.itweek.co.uk/itweek/comment/2162238/future-appliances-virtual

3 Virtualization Requirements
- Scheduler
- Memory Management
- VM State Machine
- Virtualized Devices
- Storage Stack
- Network Stack
- Binary Translators (optional)
- Drivers
- Management API

4 Old: Virtual Server Architecture
[Diagram: Virtual Server stack, with a legend marking each component as provided by Windows, an ISV, or Virtual Server]
- Host, Ring 3 (user mode): IIS, Virtual Server WebApp, Virtual Server Service
- Host, Ring 0 (kernel mode): Windows Server 2003 / Windows XP kernel, device driver, VMM kernel
- Guests, Ring 3 (user mode): guest applications
- Guests, Ring 1 (guest kernel mode): Windows (NT4, 2000, 2003) with VM additions
- Server hardware underneath

5 New: Hyper-V Architecture
[Diagram: Hyper-V stack, with a legend marking each component as provided by the rest of Windows, an ISV, or Hyper-V]
- Parent partition, Ring 3 (user mode): Virtualisation Stack (VM Service, WMI Provider, VM Worker Processes) on Server Core
- Parent partition, Ring 0 (kernel mode): Windows kernel, Virtualization Service Providers (VSPs), device driver, VMBus
- Child partition, Ring 3 (user mode): guest applications
- Child partition, Ring 0 (kernel mode): OS kernel with Enlightenments and Virtualization Service Clients (VSCs), VMBus
- Ring “-1”: Windows hypervisor
- Server hardware underneath

6 New: Hyper-V Architecture
[Diagram: the slide 5 architecture repeated, with a “Hackers” label added]

7 Why not get rid of the parent?
- No defence in depth
- Entire hypervisor running in the most privileged mode of the system
[Diagram: a monolithic hypervisor in Ring “-1” containing the Scheduler, Memory Management, Storage Stack, Network Stack, VM State Machine, Virtualized Devices, Binary Translators, Drivers and Management API; virtual machines (Ring 0 kernel mode, Ring 3 user mode) above it; hardware below]

8 Micro-kernelized Hypervisor
- Defence in depth
- Using hardware to protect
- Hyper-V doesn’t use binary translation
- Further reduces the attack surface
[Diagram: the Ring -1 hypervisor holds only the Scheduler and Memory Management; the Parent Partition holds the VM State Machine, Virtualized Devices and Management API (user mode) and the Storage Stack, Network Stack and Drivers (kernel mode); virtual machines (Ring 0 kernel mode, Ring 3 user mode) alongside; hardware below]

9 Security Assumptions
- Guests are untrusted
- Trust relationships
  - Parent must be trusted by hypervisor
  - Parent must be trusted by children
- Code in guests can run in all available processor modes, rings, and segments
- Hypercall interface will be well documented and widely available to attackers
- All hypercalls can be attempted by guests
- Can detect you are running on a hypervisor
  - We’ll even give you the version
- The internal design of the hypervisor will be well understood
[Diagram: Hyper-V architecture, as on slide 5]
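As an added example (not from the deck), a small C program that reads the CPUID leaves a hypervisor exposes to its guests, which is how a guest can tell it is running on a hypervisor and, on Hyper-V, read the version, as slide 9 assumes. The leaf numbers and the “Microsoft Hv” signature follow the published Hyper-V hypervisor interface; the decode helpers take raw register values so they can be checked with constructed input on any build machine, and only probe_hypervisor() needs an x86 CPU.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>   /* GCC/clang: provides the __cpuid(leaf, a, b, c, d) macro */
#endif

/* Leaf 0x40000000 returns the vendor signature as 12 ASCII bytes in EBX, ECX, EDX
 * (little-endian byte order). Hyper-V reports "Microsoft Hv". */
void hv_decode_vendor(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13]) {
    uint32_t regs[3] = { ebx, ecx, edx };
    memcpy(out, regs, 12);
    out[12] = '\0';
}
/* Leaf 0x40000002 on Hyper-V: EAX = build number, EBX = (major << 16) | minor. */
typedef struct { uint32_t build; uint16_t major; uint16_t minor; } hv_version_t;
hv_version_t hv_decode_version(uint32_t eax, uint32_t ebx) {
    hv_version_t v = { eax, (uint16_t)(ebx >> 16), (uint16_t)(ebx & 0xFFFFu) };
    return v;
}
/* Returns 1 when CPUID.01H:ECX[31] (the "hypervisor present" bit) is set and fills
 * in the vendor string (plus the version on Hyper-V); 0 on bare metal or non-x86. */
int probe_hypervisor(char vendor[13], hv_version_t *ver) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned a, b, c, d;
    __cpuid(1, a, b, c, d);
    if (!(c & (1u << 31)))
        return 0;
    __cpuid(0x40000000, a, b, c, d);
    hv_decode_vendor(b, c, d, vendor);
    if (strcmp(vendor, "Microsoft Hv") == 0) {
        __cpuid(0x40000002, a, b, c, d);
        *ver = hv_decode_version(a, b);
    }
    return 1;
#else
    (void)vendor; (void)ver;
    return 0;
#endif
}
int main(void) {
    char vendor[13] = "";
    hv_version_t ver = { 0, 0, 0 };
    if (probe_hypervisor(vendor, &ver))
        printf("hypervisor present: \"%s\" build %u, version %u.%u\n", vendor, ver.build, ver.major, ver.minor);
    else
        printf("no hypervisor reported by CPUID\n");
    return 0;
}
```

On a Hyper-V guest the vendor string is the signature above; other hypervisors report their own 12-byte string, which is why the version is only decoded after the signature matches.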

10 Security Goals
- Strong isolation between partitions
  - Protect confidentiality and integrity of guest data
- Separation
  - Unique hypervisor resource pools per guest
  - Separate worker processes per guest
  - Guest-to-parent communications over unique channels
- Non-interference
  - Guests cannot affect the contents of other guests, parent, hypervisor
  - Guest computations protected from other guests
  - Guest-to-guest communications not allowed through VM interfaces
[Diagram: Hyper-V architecture, as on slide 5]

11 Isolation
- No sharing of virtualized devices
  - Separate VMBus per VM to the parent
- No sharing of memory
  - Each has its own address space
- VMs cannot communicate with each other, except through traditional networking
- Guests can’t perform DMA attacks because they’re never mapped to physical devices
- Guests cannot write to the hypervisor
- Parent partition cannot write to the hypervisor
[Diagram: Hyper-V architecture, as on slide 5]

12 Hyper-V Security Hardening
- Hypervisor has separate address space
  - Guest addresses != Hypervisor addresses
- No 3rd party code in the Hypervisor
- Limited number of channels from guests to hypervisor
  - No “IOCTL”-like things
- Guest to guest communication through hypervisor is prohibited
  - No shared memory mapped between guests
- Guests never touch real hardware I/O
[Diagram: Hyper-V architecture, as on slide 5]

13 Hyper-V & Secure Development Lifecycle
- Hypervisor built with
  - Stack guard cookies (/GS)
  - Address Space Layout Randomization (ASLR)
  - Hardware Data Execution Prevention: No Execute (NX) on AMD, Execute Disable (XD) on Intel
  - Code pages marked read only
  - Memory guard pages
- Hypervisor binary is signed
- Hypervisor and Parent going through SDL
  - Threat modeling
  - Static Analysis
  - Fuzz testing & Penetration testing
[Diagram: Hyper-V architecture, as on slide 5]

14 Hyper-V Security Model
- Uses Authorization Manager
  - Fine grained authorization and access control
  - Department and role based
  - Segregate who can manage groups of VMs
  - Define specific functions for individuals or roles: start, stop, create, add hardware, change drive image
  - VM administrators don’t have to be Server 2008 administrators
- Guest resources are controlled by per VM configuration files
- Shared resources are protected
  - Read-only (CD ISO file)
  - Copy on write (differencing disks)
[Diagram: Hyper-V architecture, as on slide 5]

15 Windows Server Core
- Windows Server frequently deployed for a single role
  - Must deploy and service the entire OS in earlier Windows Server releases
- Server Core: a new minimal installation option
  - Provides essential server functionality
  - Command Line Interface only, no GUI Shell
- Benefits
  - Fundamentally improves availability
  - Less code results in fewer patches and reduced servicing burden
  - Low surface area server for targeted roles
  - More secure and reliable with less management

16 Windows Server Core

17 What tools can help secure the Environment?
- IPSec for host authentication
- Use the principle of least privilege
- Only install software you have a reason to trust
- Ensure policy compliance – Network Access Protection can be a huge help
- Keep things as simple as possible
- Add functionality as high up the stack as possible

18 How to proceed?
- Virtualisation is not a silver bullet for security problems
- Nor is it a nightmare
- It just changes the threat landscape
- Carefully consider the impact on trust boundaries and the knock-on effect of compromised security at layers underneath the applications – the deeper down the stack, the worse the impact

19 What is Microsoft Forefront?
Microsoft Forefront is a comprehensive line of business security products providing greater protection and control through integration with your existing IT infrastructure and through simplified deployment, management, and analysis.
[Diagram: Forefront coverage across the Edge, Client and Server OS, and Server Applications]

20 IT Service Management
[Diagram: Microsoft System Centre products mapped to IT service management functions]
- Products: Data Protection Manager, ‘Service Desk’, Capacity Planner, Reporting Manager, Operations Manager, Configuration Manager
- Functions: Client Data Storage & Recovery, Problem Management, Capacity Management, IT Reporting, Client Operations Management, Performance & Availability Monitoring, Software Update & Deployment
- Microsoft System Centre: enabler for Microsoft’s Best Practices (Microsoft Operations Framework, Infrastructure Optimization)

21 Next steps
- Receive the latest Security news, sign-up for the:
  - Microsoft Security Newsletter
  - Microsoft Security Notification Service
- Assess your current IT security environment
  - Download the free Microsoft Security Assessment Tool
- Find all your security resources here: http://www.microsoft.com/uk/security/infosec2008

22 Session Evaluation
- Hand in your session evaluation on your way out
- Win one of 2 Xbox 360® Elites in our free prize draw*
  - Winners will be drawn at 3.30 today
- Collect your goody bag, which includes: Windows Vista Business (Upgrade), Forefront Trials, Forefront Hands-On-Labs, Security Resources CD
- I’ll be at the back of the room if you have any questions
* Terms and conditions apply, alternative free entry route available.

