The roots of virtual machine (VM) technology go back 50 years, and for most of that time, VMs were the exclusive domain of mainframe computing. But in the past decade they’ve become a pervasive and indispensable part of all enterprise computing. Unfortunately, the passage of time does not guarantee that the security in even the most highly used technology will evolve. In fact, it’s usually the opposite. If you follow the headlines, you know that the online threat landscape changes on nearly a daily basis. VM technology often struggles to keep pace.
When thinking about virtualization’s impact on security, it is important to consider both the downside (“What new threats does it expose me to?”) and the upside (“How can I use it to my advantage?”). The answer depends on your implementation. And don’t forget interconnection.
Types of virtual machines
Two types of VMs are recognized:
- Hosted: This is when an operating system (OS) running on a server hosts one or more guest OSs, but in a way that a given guest is unaware it even has a host. In fact, each guest thinks that it exclusively rules the server’s physical CPU, memory, disk and networking resources.
- Bare metal: This is similar to a hosted VM, except the “host” is a highly specialized, lean-and-mean piece of software, known as a hypervisor, whose sole purpose is to juggle guests.
Probably the biggest mistake you can make with VMs is to forklift your legacy, insecure OS images into your VM management framework. Unfortunately, importing one dirty OS image into your VM management system empowers you deploy it throughout your server infrastructure with pushbutton ease. Your security problems will become exponentially worse.
Another thing to be aware of is that the guest stands to inherit the weaknesses of the host. For example, process separation is an essential feature of any OS, but plenty of bugs have been shown to violate it. In a non-VM environment, such a bug will only be exploitable for processes running on that single system. But in a VM environment, that bug might be exploitable for processes running in multiple guests, so if the host is running six guests, this is the equivalent of compromising seven physical machines.
In the bare metal scheme, since the hypervisor has bare minimum functionality relative to an entire OS, it theoretically presents a smaller attack surface. But this comes at a cost: Now, you’re not only in the business of maintaining OSs, you’re also in the business of maintaining hypervisors. Hypervisors are as subject to bugs as any other piece of software and will need periodic security patches applied.
There are material security benefits to running VMs. Implemented correctly, you will create a library of highly secure “golden” images, which can be used as templates for various kinds of virtual hardware. If the OS vendor releases a security patch, you need only apply it to the relevant golden images via the VM management system and redeploy them.
Another benefit is called “rollback.” In technical crowds, hosted VMs are popular on personal computers. My laptop, for example, runs an ordinary operating system, not a hypervisor. If I need to run a long-in-the-tooth application of questionable security, I can run it in a guest OS. If the guest gets compromised, the damage is temporary. When I shut down the guest, it reverts to its original, uncompromised state. That’s the “rollback.” My next boot of that guest will be a clean one.
VMs also provide a major shot in the arm for forensics. VM management systems allow you to take a snapshot of a guest while it is running. The guest can be moved to a quarantined environment and analyzed there.
Direct means secure
The various components that need to be interconnected in a hosted or bare metal virtual machine environment are least vulnerable when they’re linked by direct connections. This kind of connectivity is at the heart of an interconnection-first approach called an Interconnection Oriented Architecture™ (IOA™) strategy.
An IOA prescribes secure, direct interconnection close to your people, locations, clouds and data. It’s designed to thrive at the digital edge, where commerce, population centers and digital ecosystems meet. An IOA gives you a framework for developing secure VM environments that can adapt to evolving security challenges because it’s based on direct interconnection – the safest kind there is.
Read the Interconnection Strategy Guide to discover how to build a more secure VM environment.