Solved

Virtual systems

Posted on 2011-09-05
9
361 Views
Last Modified: 2012-05-12
Are there any added areas that auditors would need to check when a windows server goes from physical to a vmware virtual server? Or is it just the same principles as whether it was a physical or virtual device? In terms of data security, just wanted to ensure tehre are no new vmware "features" that if poorly configured would make the server and its data prone to compromise?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 121

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 300 total points
ID: 36484335
The same Physical server checks/security policies also apply to Virtual server Guest checks.

But with one additional check, that you may also need to check the security of the Host Hypervisor which hosts all the Virtual Machines, and check that the Host Hypervisor is secure and correctly implemented, and security hardended if required.
0
 
LVL 121
ID: 36484340
Also checkout the VMware Compliance Checker for vSphere

Check the compliance of your IT infrastructure against specific standards and best practices that are applicable for the environment. The Compliance Checker is a free, downloadable, fully-functional product for checking compliance of your environment to help you ensure that it remains secure and compliant.

It's a Free Download here
http://www.vmware.com/products/datacenter-virtualization/vsphere-compliance-checker/overview.html

0
 
LVL 3

Author Comment

by:pma111
ID: 36484341
Physical security is good offsite retina scanners cctv etc
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 3

Author Comment

by:pma111
ID: 36484440
I am not familiar with vSphere - is it a specific virtualisation tool?

0
 
LVL 3

Author Comment

by:pma111
ID: 36484442
I assume its a scanner just for virtual hosts?
0
 
LVL 10

Assisted Solution

by:BloodRed
BloodRed earned 200 total points
ID: 36484481
The same scanning principles apply to the virtual machines, security settings, patch levels and such are still the same as a physical server. The compliance checker linked above is a good way to ensure you are in compliance with best practices for the vSphere hosts (yes, vSphere is a virtualization infrastructure), common things are separation of the VM networks from the managment and storage networks, applying appropriate security patches, separating duties for administrators, etc.  
0
 
LVL 121
ID: 36484504
The Compliance Checker is to check vSphere Hosts (ESX/ESXi) servers.

vSphere is the VMware brand. e.g. VMware vSphere Hypervisor.
0
 
LVL 3

Author Comment

by:pma111
ID: 36486920
http://www.ultimatewindowssecurity.com/webinars/register.aspx?id=142

Interesting comments:

"I’ve always preached that applications and databases are only as secure as the operating system they run on.  Now I find myself preaching that operating systems are only as secure as the virtualization infrastructure they run on. "
0
 
LVL 121
ID: 36487535
It's very true of any IT system. It's not just virtualization, but physical as well.

e.g. one simple security item are ALL the clocks syncronised in your organisation and reading the correct time, otherwise Audits logs will be wrong.
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question