5 Steps to a More
Secure Virtual Infrastructure
Sponsored by Dell and Intel®
Executive Brief
a QuinStreet Excutive Brief. © 2012
5 Steps to a More Secure Virtual Infrastructure
There are many reasons to virtualize
your infrastructure — consolidation,
cost savings and agility to name a
few. Improved security is usually not
a driver for virtualization because for
a long time, security was thought
to be an endemic downside. While
security is hardly a selling point for the
technology, it is not an inherent weak
spot either. Taking proper actions will
result in virtual server environment
secure enough for even the most
mission-critical applications and
sensitive data.
That said, virtual servers have very real
security needs. Understanding how
those needs differ from their physical
counterparts is critical. For starters,
both physical and virtual servers must
operating systems and hypervisors,
to spend an average of 51 percent
be secured against malware, viruses
and all the way up to applications,
more on security for virtualized
and intrusion. But many organizations
have taken the technology into
environments in 2012 than they did in
think primarily at the physical level and
account. Security is a key part of these
neglect to protect their virtual servers
adaptations, which include firewalls,
and hypervisors from the same woes.
virus protection and high availability.
Still, security is not something to be
complacent about. Just as you would
Fortunately, as enterprises have gone
In the case of Dell’s 12G PowerEdge
not rely on the vendors you work with
from dipping a toe in the virtual
servers, featuring the Intel Xeon
to spearhead your security efforts, so
waters to swimming with the sharks,
Processor E5 Family, security begins
too must you lead the effort to keep
IT organizations have heeded the
at the processor level with Intel
your virtual infrastructure secure.
advice of analyst firms and security
Trusted Execution Technology (Intel
If your virtual environment is not
experts before an oft-predicted major
TXT). Intel TXT provides hardware-
secure, the physical host they reside
data breach related to virtualization
based resistance to malicious software
on will not be secure. One poorly
has occurred. This focus on security
attacks that could occur before the
secured virtual instance introduces
has also coincided with the migration
virtual machine boots.
a vulnerability that can impact your
of data and applications of increased
business importance to virtual servers.
entire network.
These efforts to bolster security are
well received. An Infonetics Research
As hyperbolic as that sounds, this
In addition, as virtualization has
Survey of 105 North American
is the heart of what differentiates a
become more commonplace, IT
companies in mid-2011 forecasted
physical server security from virtual
vendors all along the stack from
breakout spending in 2012, with
server security. ServerWatch, a website
processors to CPUs to firmware to
respondent companies expecting
in the IT Business Edge Network,
© 2012, QuinStreet, Inc.
5 Steps to a More Secure Virtual Infrastructure
cites four key reasons2 why virtualized
servers tend to be less secure than the
physical machines they replace:
• Security considerations are not
taken into account from the
very beginning in many server
virtualization projects
• All the virtualized workloads have
“Security is not a zero sum game,
and a virtualized infrastructure does
have some security advantages
over an unvirtualized one. ”
the potential to be compromised
by a single compromise of the
track of and fewer physical servers and
is the virtual equivalent of stealing a
networking elements to secure from
physical server — without having to
• Virtualized workloads that have
outside threats. It also means fewer
enter an actual data center and remove
different trust levels are often
systems to worry about going down.
a piece of computing equipment.
However, using virtualization to
Hypervisor: The Achilles Heel of
the Data Center
virtualization layer
consolidated onto a single physical
host without sufficient separation
• Many organizations lack adequate
controls for administrative access
consolidate hardware means many
more eggs in far fewer baskets, so it
is all the more important that these
There is also the danger of the
systems be reliable. When a box goes
hypervisor being attacked directly.
down, it is not just one application that
Hypervisors are a huge potential
must fails, but multiple applications.
security weak spot, as they run at
Similarly, it is not just a single entry
the most privileged ring level on a
be remedied. These five key steps
point on the network to be protected
processor. This makes it difficult, if not
will explain how.
but multiple.
impossible, for an OS running on the
to the hypervisor/virtual machine
monitor layer and to administrative
• Fortunately, all of these reasons can
hypervisor to detect an attack such as
1. Understand the Strengths
and Weaknesses of a Virtual
Each virtual server is a potential entry
“hyperjacking,” in which a hypervisor
point on the network. From there,
is subverted or a rogue hypervisor
the attacker can mount an attack
inserted. From there, a hacker can use
and take control of the hypervisor.
his control of the hypervisor to control
Security is not a zero sum game, and
This is referred to as “VM escape.”
any virtual machine running on the
a virtualized infrastructure does have
Alternately, the hacker can move on
physical server.
some security advantages over an
from the virtual server of entry and
unvirtualized one. Understanding the
compromise other virtual servers
This possibility became even more real
fundamentals of these differences and
running on the same hardware. This is
in May 2012 when VMware revealed3
planning your deployment accordingly
referred to as “VM hopping.”
that confidential source code for its
will go a long way.
ESX hypervisor had been leaked and
There is also the possibility of “VM
was posted to a code sharing site.
For starters, a virtualized environment
Theft,” the ability to steal a virtual
(The 300MB of hypervisor source
is likely to have less hardware. This
machine file electronically, and then
code were from 2003.) This left many
means less actual equipment to keep
mount it and run it elsewhere. This
wondering if the code contained in
© 2012, QuinStreet, Inc.
5 Steps to a More Secure Virtual Infrastructure
the leak was still current, and therefore
to the physical server. This does not
weakest link, a virtual server can’t be
cause for concern, or obsolete and thus
mean the security should be the same
any more secure than the box itself.
nothing to worry about.
mechanics as that of the physical server
Securing your virtual server starts
— and do not get so busy securing
with the physical hardware, and the
Whatever an enterprise’s level of
your virtual servers that you forget to
reliability of the box is a big part of
concern, this should be treated as
secure the boxes in which they sit —
this. Security therefore begins at the
a wakeup call. If your hypervisor
rather, it means that each virtual server
processor level.
layer is not patched to minimize
should receive the well thought out
vulnerabilities, and locked down to
protection historically given to the box
The major processor vendors
prevent exploits, you are exposing
in which it sits.
have designed their most recent
your entire network to a potential hack.
generation of processors with
Dell has found a variety of ways to
Although many of the conventional
virtualization in mind. Intel® Trusted
protect the hypervisor. In addition to
security offerings are not equipped
Execution Technology (TXT), for
building in protection at the processor
to catch virtual server traffic that does
example, integrates with Intel® Active
level in its 12G PowerEdge servers,
not leave the physical server, this is
Management Technology and Intel®
featuring the Intel® Xeon® Processor
changing. A variety of offerings have
Virtualization Technology.
E5 Family, Dell has taken steps toward
sprung up in the past few years that
mitigating potential downtime caused
address the security needs to virtual
Intel®TXT delivers an isolated execution
by hypervisor vulnerability by running
servers. In addition, the hypervisor
environment and associated sections
redundant hypervisors on mirrored
vendors have begun to address these
of memory where operations can
dual-secure digital cards.
issues within their offerings.
be conducted on sensitive data
such that they are invisible to the
One thing is clear about virtual server
security, however. Each virtual server,
2. Security Starts at the Processor
whether guest or host, should get
the same level of protection afforded
rest of the system. It offers a sealed
portion of storage where sensitive
data, such as encryption keys, can be
Just as a chain is only as strong as its
kept. This shields the data so it is not
compromised in a malicious code attack.
Intel® TXT also features attestation
mechanisms to ensure the code is in fact
executing in this protected environment
and has correctly invoked Intel® TXT.
Together, these components help
ensure the Intel® Xeon® Processor
E5 Family is optimized for a virtual
environment. This enables Dell’s
12G PowerEdge servers to better
facilitate software-level virtualization,
minimizing the performance
bottleneck and leading to greater
uptime and reliability.
© 2012, QuinStreet, Inc.
5 Steps to a More Secure Virtual Infrastructure
“Reducing virtual machine sprawl
this would put your systems at risk.
and its security consequences
Similarly, new patches and updates
boils down to adopting the
management practices that
worked in the physical world. ”
to all applications and hypervisors
must be applied as soon as they are
released. The challenge in a highly
virtualized environment is to ensure
all virtual instances of a vulnerable
application are patched.
Because it is so easy to create and
deploy virtual machines, there are
often virtual instances created for test
Reliability is a key tenet of security. A
traveling over the network should be
or other purposes that simply are not
server that constantly crashes does
ever taken down. Over time, these
unattended virtual machines may be
not offer the business continuity that
organizations require for data and
applications access. It introduces
3. Choose Software Carefully
and Keep It Current and Secure
left out of the normal patch process.
Again, this could open your company
up to risk if a hacker were to exploit
greater risk for data to be hacked into,
and it can result in damages and loss
Whether you’re evaluating firmware, a
the vulnerability of an abandoned
of the data, impacting the credibility
hypervisor, a firewall, an application or
virtual machine.
of the business as a whole.
other software, be sure that its security
4. Keep a Close Eye on Your
Virtual Servers
involves the actual hardware, in other
Firewalls have undergone major
Some of virtualization’s virtues —
cases, systems vendors partner with
changes in recent years. Many now go
agility and flexibility, for example
the virtualization vendors and an
beyond packet and stateful filtering.
— can double as management
optimized version of the virtualization
Newer generation firewalls routinely
vices, particularly when it comes
technology is installed natively,
include application layer filtering,
to managing easily created virtual
sometimes on the bare metal server.
perform deep packet inspection, and
machines as they move through their
This results in better performance as
offer integrated intrusion protection
life cycles.
well as enhanced security.
systems. These capabilities can all
limitations are acceptable for your
Today’s CPUs are designed for to
be virtualized. In some cases this
help protect servers running virtual
Rapid growth of virtual machines can
In addition to securing your virtual
instances of critical applications against
lead to a condition known as “virtual
servers, it is also important to ensure
attacks. As with any IT equipment
sprawl,” in which lapses in the basic
that your network is secure. Endpoints
(and regardless of whether the firewall
care of multiplying, unaccounted-for
should be firewalled to protect
is software- or hardware-based), you
virtual instances can present major
the network from intrusion, viruses
need to be diligent with updates and
problems to a company.
and malware. In addition, any data
applying patches. If you are not, a
or virtual machines (and with that
hacker might exploit the vulnerability
Reducing virtual machine sprawl
applications contained on them),
the patch is intended to secure. And
and its security consequences boils
© 2012, QuinStreet, Inc.
5 Steps to a More Secure Virtual Infrastructure
down to adopting the management
easily accessible and comprehensive
Grant administrator level access to
practices that worked in the
inventory of virtual machine images
physical and virtual elements only to
physical world. You might begin by
becomes critical. After all, software
those who need it. And monitor for
standardizing on well-planned golden
needs to be inventoried before it can
suspicious activities.
images of certain applications’ virtual
be maintained and patched.
instances. Conduct careful inventories
to ensure all virtual machines are
known. And adhere to timely patching
Develop guidelines and rules
5. Follow Sound Practices and
deployment. Ensure the rules and
policies are enforceable using systems
Finally, the human element of security
Just as with physical servers, virtual
for virtual machine creation and
and security management tools.
must be addressed.
Bring It All Together
instances must be deployed and
configured systematically to ensure
To begin, use the best practices from
security and reliability. And you should
the physical world. Have policies
Securing a virtual infrastructure
create master images where software
in place that ensure virtual servers
requires additional work over securing
can be installed and validated once.
are configured correctly and set
a physical server. Many of the issues,
up securely. Set levels of access
potential problems, management
and management control so only
challenges and vulnerabilities are
Over time, it is likely that you will
authorized users can create, deploy,
the same. As such, comparable
end up with many clones as virtual
change or patch a virtual machine.
approaches to those used with
physical servers must be employed to
machine images are deployed,
customized and updated. This adds
Be sure physical servers are secure.
ensure that your virtual assets are not
to the management chores needed to
Use common sense. Grant data center
compromised or your organization
secure your systems. The reason: The
access only to authorized staff. Control
will be exposed to risk. Dell’s 12G
greater the variety of virtual machine
access with passkeys or some other
PowerEdge servers, featuring the
images that must be updated, the
form of protection. Lock racks with
Intel® Xeon® Processor E5 Family,
more difficult and time-consuming the
servers and storage devices that handle
go a long way toward meeting this
task. This is where having a current,
mission critical applications and data.
Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium,
Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, and Xeon Inside are trademarks of Intel Corporation in the U.S. and/or other countries.
© 2012, QuinStreet, Inc.