Vulnerabilities / Threats
3/4/2011
03:35 PM
Commentary
Commentary
Commentary
50%
50%

Hypervisor Security: Don't Trust, Verify

Combating vulnerabilities (and passing audits) is a matter of starting from the root and working up.

InformationWeek Green Virtualization Security Digital Issue- Mar. 7, 2011 InformationWeek Green
Download the InformationWeek March supplement on virtualization security , distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree for each of the first 5,000 downloads.

VIrtualization Security

For years I've watched the delicate balance between enterprise IT groups and their security teams. Every now and then, there's a sea change in one area that gives rise to, let's say, passionate discussions. After attending last month's RSA conference, I feel one of those moments coming on, this time around production server virtualization. Specifically, we're talking about hardening the hypervisor--arguably one of the most important components of your virtual architecture.

What? Didn't think your CISO cared about hypervisors? Well, if he attended RSA, he does now. And if you have production VMs, you better get ready to prove they're secure. Don't expect your security team to just trust you.

Combating vulnerabilities (and passing audits) is a matter of starting from the root and working up. One option that impressed me at RSA is Intel's TXT (Trusted Execution Technology)--Intel's response to the Trusted Platform Module (TPM) specification published by the Trusted Computing Group and accepted as an ISO standard in 2009.

The foundation of this new trusted computing infrastructure is what's known as the "hardware root of trust," which establishes a bottoms-up security posture based on assuring the integrity of the VM kernel and loaded modules as they reside on disk and in memory. To take advantage, first make sure your server hardware supports TPM. Once you've verified that your gear has the correct processor extensions and supporting chipsets, it's just a matter of adding a small circuit board that plugs into a TPM slot on the server motherboard. After you enable TXT in the server BIOS that runs your host, you go through a process of generating the hash state that VMware ESXi, Xen, and other hypervisors will use during the boot process to detect unauthorized changes or whether malware has infiltrated the host operating system.

Moving up the stack, software vendor HyTrust offers a virtual appliance that can access the TXT status through the vSphere vCenter API and make decisions on controlling guest movement based on the classification status of the host server. HyTrust also offers network-based policy management for your virtual infrastructure that provides administrative access control, hypervisor hardening, and audit-quality logging to protect you from malicious, or sometimes just careless, insiders. Now when your security auditor asks for proof of hypervisor protection, you can go down your checklist: hardware root of trust (check), trusted virtualization environment (check), and security information and event management tools (check).

You're only going to increase your use of virtualization, so think in terms of evolving security. Evaluate where you are today and educate yourself as new hypervisor hardening options become available to ensure that you always stay a step ahead of the CISO--and the people after your data.

Schalk Theron is VP of security and operations for cloud services and ECM company SpringCM. Prior to joining SpringCM, Theron was at Washington Mutual, leading operational support for more than 50,000 users and a national network of more than 3,000 sites and multiple enterprise-class data centers supporting the award-winning Wamu.com. Write to us at iwletters@techweb.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7402
Published: 2014-12-17
Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.

CVE-2014-5437
Published: 2014-12-17
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php,...

CVE-2014-5438
Published: 2014-12-17
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.

CVE-2014-7170
Published: 2014-12-17
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

CVE-2014-7285
Published: 2014-12-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.