Re: Virtualization and Security ?

["Jeffrey I. Schiller" <jis () MIT EDU>]

One of the issues that I haven't heard mentioned in this thread is the
security of the SAN that your VM's are likely connected to. If someone
can compromise the configuration of the SAN, then they can attach any
volume to any VM host and if they can compromise a VM host (or
VMware's virtual center) then they can configure any VM to have access
to the volume, or even create their own for their amusement).

We are in the process of deploying VMware for as many servers as we
can. For reliability, we are going to operate VMware hosts in three
separate facilities and have the ability to move virtual servers
between them. In some cases while they are up and running and in other
cases "off line" (with the virtual machine shutdown).

We are not planning on dedicating particular VMware hosts to
particular levels of security (though others are doing that). We want
the flexibility to migrate virtual machines to hosts as needed. Cost
issues also preclude different SANs for different security levels.

For security we are isolating the management LAN from any other
network. However appropriate staff will have access via a VPN box to
be able to access the management LAN from anywhere. We have the option
of requiring SecurID access for this (but haven't made a final
decision on whether or not to go that way yet). These same staff are
also on-call, so we will always have someone with the ability to
manage the VMware "cloud" available.

                        -Jeff

--
 =======================================================================
Jeffrey I. Schiller
MIT Network Manager
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue  Room W92-190
Cambridge, MA 02139-4307
617.253.0161 - Voice
jis () mit edu
 =======================================================================

Attachment: signature.asc
Description: Digital signature