VMs can quickly eat into your disk space, and powering a dormant VM back on can leave a huge hole in the network's security, according to Serguei Beloussov, chief executive of virtualisation vendor Parallels. Dormant VMs that are brought back online without receiving patches or anti-malware updates are vulnerable to security threats.
Beloussov suggests two main ways to prevent dormant VMs from becoming a security issue. First, management best practices should ensure that virtual machines are correctly decommissioned and monitored after use. An alternative approach is to virtualise at the OS level, where a patch can be applied across all VMs at once to reduce the risk of exposure to security threats.
"Either way, there is a clear need for education around virtualisation and security within a department," Beloussov said.
Traditional virtualisation security tools don't cut it
Attacks on dormant VMs are still relatively uncommon due to the recent uptake of virtualisation on x86 platforms, but there are several tools on the market that can help protect virtual environments against such attacks.
Microsoft's Windows Server 2008 has a built-in Network Access Protection feature that allows admins to restrict network access from devices that don't pass compliance checks. There are also many third-party tools that offer protection, including Vizioncore's vControl, a VM management product, and McAfee's VirusScan Enterprise anti-virus software.
New threats and vulnerabilities are bound to emerge due to the intricacy of virtual environments, but security tools for physical environments don't offer the necessary level of protection -- virtual servers have a unique set of requirements compared with physical servers.
Despite the fact that virtual security tools are still relatively immature, Jon Collins, service director at analyst firm Freeform Dynamics, said the fear of VM sprawl should be reason enough for IT managers to keep up to date with what's on their networks.
"A more dynamic server requires more dynamic tools and management," Collins said. "Sometimes poor management of a network is not down to the IT manager, but down to the tools -- these will come with the maturity of the market, though."
Rik Ferguson, a senior security adviser at Trend Micro, agreed that software for a physical environment is not suitable for the virtual world and would leave the network open to numerous problems, including issues with traffic between VMs, malicious code and unprotected dormant machines.
"Many are deploying security software for their VMs that they should be using in a physical world. They think it works to the same level of performance in a virtual world, but it does not.
"The wrong software in a virtual environment puts a heavy load on the operating system. Malware is very important in a virtual environment, because it is hard to keep track of VMs. Also, standard products cannot scan dormant machines, but VMware can," Ferguson added.
He advised IT managers to install antivirus software in case a VM is left on but undetected.
Simon Ashford, technical specialist at NetIQ, said the virtual environment should provide the same -- if not greater -- levels of performance, availability and security as the physical environment.
"Stringent planning and careful phasing are essential to project success -- to fail to plan is to plan to fail," Ashford said.
Kayleigh Bateman is the site editor for SearchVirtualDataCentre.co.uk.