Vulnerabilities / Threats
3/4/2011
03:35 PM
Commentary

Hypervisor Security: Don't Trust, Verify

Combating vulnerabilities (and passing audits) is a matter of starting from the root and working up.

InformationWeek Green Virtualization Security Digital Issue - Mar. 7, 2011

Virtualization Security

For years I've watched the delicate balance between enterprise IT groups and their security teams. Every now and then, there's a sea change in one area that gives rise to, let's say, passionate discussions. After attending last month's RSA conference, I feel one of those moments coming on, this time around production server virtualization. Specifically, we're talking about hardening the hypervisor--arguably one of the most important components of your virtual architecture.

What? Didn't think your CISO cared about hypervisors? Well, if he attended RSA, he does now. And if you have production VMs, you better get ready to prove they're secure. Don't expect your security team to just trust you.

Combating vulnerabilities (and passing audits) is a matter of starting from the root and working up. One option that impressed me at RSA is Intel's TXT (Trusted Execution Technology)--Intel's response to the Trusted Platform Module (TPM) specification published by the Trusted Computing Group and accepted as an ISO standard in 2009.

The foundation of this new trusted computing infrastructure is what's known as the "hardware root of trust," which establishes a bottom-up security posture by assuring the integrity of the VM kernel and its loaded modules as they reside on disk and in memory. To take advantage, first make sure your server hardware supports TPM. Once you've verified that your gear has the correct processor extensions and supporting chipset, it's just a matter of adding a small circuit board that plugs into the TPM slot on the server motherboard. After you enable TXT in the BIOS of the host server, you generate the known-good hash state that VMware ESXi, Xen, and other hypervisors will compare against during the boot process to detect unauthorized changes or malware that has infiltrated the host operating system.

Moving up the stack, software vendor HyTrust offers a virtual appliance that can read the TXT status through the vSphere vCenter API and decide whether to permit guest movement based on the trust classification of the host server. HyTrust also offers network-based policy management for your virtual infrastructure that provides administrative access control, hypervisor hardening, and audit-quality logging to protect you from malicious, or sometimes just careless, insiders. Now when your security auditor asks for proof of hypervisor protection, you can go down your checklist: hardware root of trust (check), trusted virtualization environment (check), and security information and event management tools (check).
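As an added illustration (not code from the article, Intel, or HyTrust), the following Python sketch replays the measured-boot idea from the two paragraphs above: each boot component is hashed and folded into a Platform Configuration Register the way a TPM extend works, the final register value is compared with a golden value recorded from a known-good host, and a placement policy refuses to schedule a restricted VM on a host that fails the check. The component blobs, the golden value, and the policy are constructed assumptions for the demonstration.

```python
import hashlib
import hmac

PCR_SIZE = 32  # SHA-256 PCR bank; the register is all zeros at platform reset

# Constructed stand-in for a measured boot chain: the byte images a TXT/TPM
# measured launch would hash (firmware, boot loader, hypervisor kernel, module).
GOOD_CHAIN = [
    b"firmware-v1",
    b"bootloader-v1",
    b"hypervisor-kernel-v1",
    b"module-net-v1",
]
# Same chain, but one loaded module has been altered on disk
TAMPERED_CHAIN = [
    b"firmware-v1",
    b"bootloader-v1",
    b"hypervisor-kernel-v1",
    b"module-net-v1-modified",
]


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: new = SHA-256(old || measurement). One-way and order-sensitive."""
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(chain) -> bytes:
    """Replay a measured boot: hash each component and extend the PCR in load order."""
    pcr = bytes(PCR_SIZE)
    for blob in chain:
        pcr = extend(pcr, hashlib.sha256(blob).digest())
    return pcr


def host_is_trusted(chain, golden_pcr: bytes) -> bool:
    """Attestation check: does the host's final PCR match the recorded known-good value?"""
    return hmac.compare_digest(measured_boot(chain), golden_pcr)


def placement_decision(host_trusted: bool, vm_class: str) -> str:
    """Constructed policy: guests classed 'restricted' may only land on trusted hosts."""
    if vm_class == "restricted" and not host_trusted:
        return "deny"
    return "allow"


if __name__ == "__main__":
    golden = measured_boot(GOOD_CHAIN)  # recorded once from a known-good host
    print("good host trusted:", host_is_trusted(GOOD_CHAIN, golden))
    print("tampered host trusted:", host_is_trusted(TAMPERED_CHAIN, golden))
```

Because the extend operation is a one-way chain, a tampered module changes the final register even though every earlier measurement is identical, and reordering the same components produces a different value as well.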

You're only going to increase your use of virtualization, so think in terms of evolving security. Evaluate where you are today and educate yourself as new hypervisor hardening options become available to ensure that you always stay a step ahead of the CISO--and the people after your data.

Schalk Theron is VP of security and operations for cloud services and ECM company SpringCM. Prior to joining SpringCM, Theron was at Washington Mutual, leading operational support for more than 50,000 users and a national network of more than 3,000 sites and multiple enterprise-class data centers supporting the award-winning Wamu.com. Write to us at [email protected].
