Re: Securing VM servers

[Jeff Wolfe <wolfe () EMS PSU EDU>]

Jenkins, Matthew wrote:
> Michael, we have two separate clusters here for a private DMZ (we don't
> have a true DMZ with real IPs, everything is natted here) and our
> 'production' servers (i.e. database servers, ad, internal applications,
> file servers, etc.).  If a physical box interconnects two networks there
> is always a risk.  Hence, if a vulnerability in VMWare were to allow
> someone to administratively add a second NIC to a VM host in a network
> that it should not have access to, the result could be that VM host
> becomes a launch pad for an attack into the other network.  For that
> reason we decided to separate our clusters.  They do not share network
> resources or SAN space.  Perhaps we are over paranoid?

I would encourage anyone evaluating VMWare's security to discuss their
needs and situation with their VMWare SE. The security implications of
running a guest on the free VMWare server are considerably different
than running a guest on ESX server. The "exploits" posted earlier in
this thread are against VMWare Server, which is a completely different
animal from ESX.

Maybe it makes sense to allow a multi-homed ESX cluster, or maybe it
does not. In either case, nothing can substitute for a full risk
analysis that includes experts from the vendor as well as your own staff.

For what it's worth, in my environment, we feel that ESX is up to the
task, but your risks/needs are probably different from ours.

$0.02

-JEff