NIST drafts guide for hypervisor security

[InfoSec News <alerts () infosecnews org>]

http://gcn.com/articles/2014/10/21/nist-hypervisor-security.aspx

By GCN Staff
Oct 21, 2014

The National Institute of Standards and Technology released a draft of 
SP-800-125 A, Security Recommendations for Hypervisor Deployment, for 
public comment. Because of widespread growth in server virtualization for 
hosting enterprise applications and providing cloud services, 
recommendations for secure deployment of hypervisor platforms are needed, 
the standards agency said.

Since the January 2011 publication of NIST’s SP 800-125, Guide to Security 
for Full Virtualization Technologies, both the feature set of hypervisors 
as well as tools for configuring the virtualized infrastructure spawned by 
the hypervisor have seen considerable increase.

The NIST guidance examines the security implications of hypervisor 
platform choices and provides security recommendations for deployments in 
an enterprise.

Hypervisors provide abstraction of all physical resources (such as CPU, 
memory, network and storage) and allow IT managers to run multiple virtual 
machines (VMs) on a single physical host, also referred to as a 
virtualized or hypervisor host. The hypervisor can also define a network 
that enables communication among the VMs. Enterprise data centers use the 
hypervisor for server virtualization because it makes better use of 
hardware resources and reduces power consumption However, it is also 
susceptible to threats from rogue VMs that can subvert the hypervisor’s 
access control to hardware resources such as memory and storage.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/