securing your virtualized datacenter - vmwaredownload3.vmware.com › elq › img ›...

Securing yourVirtualized Datacenter

Charu Chaubal

Senior Architect, Technical Marketing

6 November, 2008

Agenda

VMware Virtualization Technology

How Virtualization Affects Datacenter Security

Keys to a Secure Deployment

The Future of Datacenter Security

VMWARE VIRTUALIZATIONTECHNOLOGY

Securing your Virtualized Datacenter

Hosted Virtualization vs. Bare Metal Virtualization

Hosted Virtualization Bare-Metal Virtualization

VMware WorkstationVMware ServerVMware Player

VMware ESX ServerHost OSchanges securityprofile

Host OSchanges securityprofile

Guest VM can be trusted

Guest VM not necessarily

trusted

Isolation by design

5

ESX Hypervisor: Robust, Reliable Foundation

MSFT / Xen Architecture VMware Architecture

� Thin Custom Kernel� Direct driver model� VM-optimized drivers� Higher I/O throughput

� Large general-purpose OS� Indirect driver model� Generic drivers� I/O degradation under load

Drivers Drivers

Virtual Machine

Virtual Machine

Drivers Drivers

Virtual Machine

Virtual Machine

Drivers

Virtual Machine

Drivers

Virtual Machine

Drivers

Improving Security of the Platform

VMware ESXiCompact 32MB footprint

Fewer patches

Smaller attack surface

Absence of general-purpose management OS

No arbitrary code running on serverNot susceptible to common threatsOnly OS-independent design focused on virtualization

ESXi

Improving Security of the Platform

Harden Platform Services (2009)

Integrity on DiskTPM (Trusted Platform Module) supportCode & driver signing

Integrity in MemoryMemory Protection

VMware: Proven and Trusted

Thousands of customers in production

Passed security audit and put into production use by largest banks in the US

Passed Defense and Security Agencies scrutiny and audit

9

Independently validated

Common Criteria Certification EAL (Evaluation Assurance Level)

CC EAL 4+ certificationhttp://www.cse-cst.gc.ca/services/ccs/vmware-e.html

Highest recognized level

VMware Technologychosen as basis forNSA VirtualizedWorkstation

10

HOW VIRTUALIZATION AFFECTSDATACENTER SECURITY

Securing your Virtualized Datacenter

How Virtualization Affects Datacenter Security

12

How Virtualization Affects Datacenter Security

13

Biggest Security Risk: Misconfiguration

Neil MacDonald – “How To Securely Implement Virtualization”

“Like their physical counterparts, most security vulnerabilities will be introduced through misconfiguration and mismanagement”

What not to worry about

KEYS TO A SECUREVIRTUALIZED DEPLOYMENT

Securing your Virtualized Datacenter

Securing Virtual Machines

Host

Anti-Virus

Patch Management

Network

Intrusion Detection/Prevention (IDS/IPS)

Edge

Firewalls

17

Provide Same Protection as for Physical Servers

Secure Design for Virtualization Layer

18

Fundamental Design Principles• Isolate all management

networks• Disable all unneeded services• Tightly regulate all

administrative access

Enforce Strong Access Controls

Security Principle

Implementation in VI

Least Privileges

Roles with only required privileges

Separation of Duties

Roles applied only to required objects

19

Administrator

Operator

UserAnne

Harry

Joe

Maintain Strict Administrative Controls

Requirement Example Products

Configuration management, monitoring, auditing

Tripwire Enterprise for VMware ESXNetIQ Secure Configuration ManagerConfiguresoft ECM for Virtualization

Track and Manage VM Lifecycle

VMware Lifecycle ManagerVMware Stage Manager

Updating of offline VMs VMware Update ManagerShavlik NetChk Protect

Virtual network security CheckpointReflexThird Brigade

20

Diverse and growing ecosystem of products to help provide secure VMware Infrastructure

Security Advantages of Virtualization

Ease of maintenance

Test patches on multiple configurations in contained environment before rolling them out

Use snapshots to save the known good state of a virtual machine before trying out something risky

Production VM can be cloned and then modified off-line while the original one still runs.

Updated VMs can be brought up in parallel with the previous version

Both can be kept running as long as necessary to validate the new configuration

21

Security Advantages of Virtualization

Protect against attack of misconfiguration or attack

Ease of recovery

restoring it from last known good backup

patch in isolation before putting online

Ability to do forensics

Bring up hacked VM in isolation

22

Publish or Retract

Audit Usage

Retain

Dispose

Request for VM

Provisioning

Delete

Archive

Monitor & Adjust

Resources

Power-On or Suspend

Route for Audit/

Approval

Deploy from

Template

Create Approve

Request Document

Security Advantages of Virtualization

BetterLifecycleControls

BetterLifecycleControls

THE FUTURE OFDATACENTER SECURITY

Securing your Virtualized Datacenter

24

VMsafe™ Enables Application Protection

VMsafe API and Partner ProgramProtect the VM by inspection of virtual components (CPU, Memory, Network and Storage)

Run outside the VM

Complete integration and awareness of VMotion, Storage VMotion, HA, etc.

Fundamentally changes protection available for VMs running on VMware Infrastructure vs. physical machines

Provides an unprecedented level of security – “Virtual is more secure than Real”

ESX

VMsafe

ESX with VMsafe

http://vmware.com/go/vmsafe

VMsafe: Broad Security Industry Support

26

Enterprise to SMB

End-points to Gateways

Anti-Virus to IPS

Networks to Host

Audit to Patching

And Anywhere in between…

Virtual Datacenter OS: Security vService

App-specific security policies hard or impossible to set without interior visibility

Static, HW appliances cannot be dynamically re-configured based on topology changes

Fixed-capacity appliances forces over-provisioning

IIS #1

IIS #2

TomcatApp Server

OracleLoad BalancerFirewall Firewall

Before VDC-OS

After VDC-OS

Application topology and protocol awareness allows for dynamic security based on logical boundariesDynamic capacity and rerouting based on load balancing and power managementSecurity policies auto-adapt to network reconfiguration or upgrades to 3rd-party virtual networking, e.g Nexus 1000V

Where to Learn More

SecurityHardening Best Practices

Implementation Guidelineshttp://vmware.com/go/security

CompliancePartner Solutions

Advice and Recommendations

http://vmware.com/go/compliance

Thank You

Charu Chaubal

charu@vmware.com

http://www.vmware.com/go/security