  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1650

What to use to encrypt a drive on a Virtual Machine

I have a D: drive on a web application server that has the database and file storage on the D: drive. Customer requires files and SQL data at rest be encrypted.

I have tried TrueCrypt and it is unacceptable due to not being able to establish quota checks on the encrypted drive. BitLocker is not recommended for VMs due to not being able to put the encryption key on a USB drive.

Any ideas on how to encrypt this drive and still be able to replicate to DR site and have quotas established to watch for the disk filling up? 2008 server running MS SQL 2008.
0
jimmylew52
7 Solutions
 
Andrew Hancock (VMware vExpert / EE MVE^2), VMware and Virtualization Consultant, Commented:
Bitlocker or Truecrypt.
0
 
jimmylew52 (Author) Commented:
I have tried TrueCrypt and it is unacceptable due to not being able to establish quota checks on the encrypted drive.

BitLocker is not recommended for VMs due to not being able to put the encryption key on a USB drive.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2), VMware and Virtualization Consultant, Commented:
0
 
Rich Rumble (Security Samurai) Commented:
Why encrypt the drive? That is not how most handle needing a DB to be encrypted. Full-disk or full-partition encryption only protects you from PHYSICAL theft, have a look at my article here: http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html
You probably want to encrypt the DB, there are a lot of 3rd parties you can use to do this:
http://technet.microsoft.com/en-us/library/bb510663.aspx
I recommend using an HSM to better secure the keys
http://www.safenet-inc.com/data-protection/database-encryption/sql-encryption/
http://en.wikipedia.org/wiki/Transparent_Data_Encryption

Why do the files need to be encrypted? Again using Bitlocker or TC for this only protects when the data is physically taken. When the encrypted container is mounted/open then the files look like other files, there is no additional protection once you open the container. You can use NTFS etc, but the encryption part isn't doing much for you. M$ Office documents can have passwords that protect them, and in Office 2007 or greater the encryption is quite good, prior to that however it is not. Most of this is covered in my articles.
-rich
0
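A sketch of the database-level route (Transparent Data Encryption) mentioned in the comment above, added here as an illustration and not part of any poster's reply. It assumes SQL Server 2008 Enterprise Edition; the database name `WebAppDb`, the certificate name `TdeCert`, the passwords and the backup paths are placeholders. TDE covers the database files and backups only, not the application's file storage on D:.

```sql
-- Added example: WebAppDb, TdeCert, passwords and paths are placeholders.
USE master;
GO
-- 1. Database master key in master protects the TDE certificate.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong-password-placeholder>';
GO
-- 2. Server certificate that will protect the database encryption key.
CREATE CERTIFICATE TdeCert WITH SUBJECT = 'TDE certificate for WebAppDb';
GO
-- 3. Back up the certificate and its private key before enabling TDE.
--    Keep the copies off this server: without them the database and its
--    backups cannot be restored at the DR site.
BACKUP CERTIFICATE TdeCert
    TO FILE = 'E:\keybackup\TdeCert.cer'
    WITH PRIVATE KEY (
        FILE = 'E:\keybackup\TdeCert.pvk',
        ENCRYPTION BY PASSWORD = '<backup-password-placeholder>');
GO
-- 4. Create the database encryption key and turn encryption on.
USE WebAppDb;
GO
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TdeCert;
GO
ALTER DATABASE WebAppDb SET ENCRYPTION ON;
GO
-- 5. Watch the background encryption scan; encryption_state = 3 means encrypted.
SELECT DB_NAME(database_id) AS database_name,
       encryption_state,
       percent_complete
FROM sys.dm_database_encryption_keys;
GO
-- 6. On the DR instance, before restoring or attaching the database:
--    create a master key there, then recreate the certificate from the backup.
-- CREATE CERTIFICATE TdeCert
--     FROM FILE = '<path>\TdeCert.cer'
--     WITH PRIVATE KEY (
--         FILE = '<path>\TdeCert.pvk',
--         DECRYPTION BY PASSWORD = '<backup-password-placeholder>');
```

Because the data files stay ordinary NTFS files, disk quotas and free-space monitoring on D: keep working unchanged.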
 
McKnife Commented:
First: Bitlocker can very well use virtual floppies (.flp files) to provide an encryption key on startup of the machine (whole virtual machine is encrypted). To make this a useful idea, put the .flp file onto a share of another secured server. We use this method.
To reply to richrumble's objection of using partition/full hdd encryption on VMs: if the VM host is stolen, it will be stolen when powered down. So if the thief has no way of suspending these machines before powering down the host, they will just crash (be forcefully powered off) and need the key the next time the thief tries to boot them.
0
 
Rich Rumble (Security Samurai) Commented:
You can take the snap-shot of the booted OS, but that's not my objection, when the partition/hdd is powered on, there is effectively no encryption at play. Same with a bank vault, the Bank opens the vault at 9:00am, and the bank employees can walk in and out of it at will while it's open, it's just another room. When it's closed, only someone with the key can get in. Stealing a VM image that uses FDE would be the same as stealing a physical server that uses FDE, but with a VM your chances of getting "physical" access to it are probably greater. You don't typically find FDE in a server/colocation unless you really do not trust the staff or physical location. FDE is typically found on LT's and portable devices.
-rich
0
 
McKnife Commented:
Rich, you don't need to repeat it. Just think about why I might think this is secure.
Question1: how would you make a snapshot? You cannot log on to the host or did you think the host is accessible to the thief?
Q2: "Stealing a VM image that uses FDE would be the same as stealing a physical server that uses FDE, but with a VM your chances of getting "physical" access to it are probably greater" - yes? How would you do it? I am sure they are not greater.
0
 
Rich Rumble (Security Samurai) Commented:
>Question1: how would you make a snapshot? You cannot log on to the host or did you think the host is accessible to the thief?
Yep, 99% of the places I go, if you get admin for one computer, you get it for all. We're discussing protecting files and DBs, I'm assuming the worst has happened, someone who is not authorized, is accessing the data/machine. I'm assuming that machine is pwned. File level/DB level encryption would be a better defense than FDE. Physical theft isn't really on my radar, but that's what FDE helps against, that's all.
>Q2: "Stealing a VM image that uses FDE would be the same as stealing a physical server that uses FDE, but with a VM your chances of getting "physical" access to it are probably greater" - yes? How would you do it? I am sure they are not greater.
It's "easier" to steal a VM and go unnoticed when it's 0's and 1's, as opposed to lugging around a 100lbs server. Again the worst has happened, someone has access where they shouldn't, and file-level/cell/db level encryption, in my mind, are the places I'd focus on.
-rich
0
 
McKnife Commented:
I am not convinced a tiny bit.
I will tell you more if the author is interested, no sooner.
0
 
jimmylew52 (Author) Commented:
Thank all of you for your input. A lot of good discussion here and I appreciate it.

I will be using BitLocker to encrypt the drive and a floppy or USB as is easier for me to set up.

Richrumble - I agree with you on the lack of security but the encryption at rest is a requirement of the customer and not how we encrypt our data or SQL connections. Whoever has made up the requirements has hit on a buzz word or two to look good and has made it mandatory.

Thanks again everyone for the input.
0
 
McKnife Commented:
I don't find this very satisfying. I hope you understood that providing the key to the server is the crucial point. If you use a key but don't separate it from the server but keep a disk (or virtual disk from a local datastore!) inserted, then you have no real protection.

It was not even discussed if the restart of machines has to run unattended or not - which is absolutely important for the decision on what to use and configure.
You should continue here.
0
 
Rich Rumble (Security Samurai) Commented:
Check-boxes, all they are looking to do is check some boxes... I'm almost numb to it. Secure on paper is never the same thing as secure IRL.
-rich
0
