Tag Archive: Security


Jun 13 2012

Escaping the Cave – A VMware admins worst fear

caveman

The worst security fear of any virtual environment is having a VM be able to gain access at the host level which can allow it to compromise any VM running on that host. If a VM was to gain access to a host it would essentially have the keys to the kingdom and because it …

Continue reading »

Apr 07 2011

Five ways to maximize VMware hypervisor security

For better or worse, administrators usually accept the default VMware hypervisor security settings. VSphere is fairly secure, but VMware security breaches can still occur. Careless mistakes and questionable administrative decisions can weaken infrastructure security — especially if IT pros are more concerned about management convenience than about hardening the hypervisor, hosts and virtual machines (VMs). To help …

Continue reading »

Apr 06 2011

VAR concerns and considerations for handling vSphere security: FAQ

Keeping your customer’s physical environment secure is more straightforward than dealing with security in a virtual environment. There are a number of hidden risks and concerns that solution providers need to be prepared for before fielding customer questions about vSphere security. Virtualization expert Eric Siebert breaks down what you need to know about securing your …

Continue reading »

Mar 24 2011

Five VMware security breaches that should never happen

VMware security breaches should not be taken lightly, especially now that there’s a spotlight on regulatory compliance and the shift toward cloud computing. Virtual hosts house many workloads, and if an unscrupulous individual gains unauthorized access to a host, that person can potentially compromise all of its virtual machines (VMs). That means virtualization administrators should …

Continue reading »

Sep 22 2010

All your ESX Service Consoles belong to us…

In case you needed more encouragement to move to ESXi here’s a good reason. The recent Linux vulnerability that was announced that can give attackers root access to a system effects the ESX 4.x Service Console as well as it is based off Red Hat Linux with the 2.6.28 kernel. The vulnerability affects nearly all …

Continue reading »

Aug 09 2010

Assigning vSphere security access controls

Security is critical in a vSphere environment. Virtual machine (VM) architecture, access methods and management is much different from that for physical servers. Because VMs are encapsulated into a single file that resides on a shared data store, additional attack vectors need to be secured. Further, any change or operation in a virtual environment can …

Continue reading »

May 14 2009

Upcoming webinar on Virtualization Security and Compliance

I received an invite today to an upcoming webinar on Virtualization Security and Compliance that is being given by Reflex Systems. What peaked my interest in it was the speakers and topics, one of the speakers is Rob Randall from VMware who is their security guru and also happens to reside in my hometown of …

Continue reading »

May 11 2009

Security Links

General vSphere 4.1 Hardening Guide (VMware) vSphere 4.0 Security Hardening Guide (VMware) Network Segmentation in Virtualized Environments (VMware) DMZ Virtualization Using VMware vSphere 4 and the Cisco Nexus 1000V Virtual Switch (VMware) Anti-Virus Practices for VMware View (VMware) VMware Fast Path Versus Slow Path Firewalls (chrisbrenton.org) How to steal a virtual machine and its data …

Continue reading »

May 07 2009

Security Links

General Security Design of the Vmware Infrastructure 3 Architecture VMware Infrastructure 3 Security Hardening VMware ESX Server – Providing LUN Security Security in a Virtualized Environment (VMworld 2007) Security Architecture Design and Hardening VI3 (VMworld 2007) VMware’s Security Response Policy ESX Security White Paper VI3 Security Risk Assessment Template Virtualization Security Playbook Being escorted out …

Continue reading »

Apr 22 2008

Top 10 things you must read about VMware Security

VMware Infrastructure 3 Security Hardening – A white paper from VMware with tips on securing ESX servers, VirtualCenter and Virtual Machines. Security Design of the VMware Infrastructure 3 Architecture – A white paper from VMware describing the security architecture of VI3 including networking, storage, service console and the hypervisor. Security Hardening and Monitoring of VMware …

Continue reading »