
Avoid 'security by obscurity'

Johannesburg, 04 Jun 2008

Virtualisation poses a range of new security issues that many local companies have not yet had to contemplate, says IBM X-Force security consultant Dr Jean Paul Ballerini.

"Virtualisation introduces a variety of security issues that need to be addressed when companies consider implementation," he notes.

Ballerini recently visited IBM's local customer base to determine the security issues and knowledge in the local market. He says one of the many misconceptions he found locally and internationally was that virtual machines have no physical layer and are, therefore, hidden.

"Companies must understand that virtualisation may do away with the physical hardware, but the machines are still visible. It is not a matter of 'security by obscurity'." He adds that these security troubles may be compounded by the nature of the technology.

Forget the physical

The lack of a physical device has created a new and interesting security problem that many companies have overlooked, says Ballerini. "People no longer need to steal a computer or hard drive and walk out of a building with it. An entire virtual machine can be downloaded to a USB key, or external hard drive, that can be easily transported."

The loss of the physical layer has also led to an inability to monitor network traffic. "Traffic was traditionally monitored between servers to ensure unwanted traffic was located and dealt with. With virtualisation, the intra-server traffic cannot be monitored."

Virtual servers are given a space on the network by means of a MAC address (the address that identifies a hardware device on a network), which is virtually created. Not being able to monitor traffic also allows intruders to create a new virtual server with the identical address and have all network information routed there. "Which could give them access to sensitive information," adds Ballerini.

Companies currently secure each individual virtual server with security software, which, according to IBM, can be a costly exercise, especially in terms of software licensing. "It is essentially unnecessary replication that creates overhead on the network."

Plan of action

Ballerini says many companies are working to change the security methods for a virtualised network. "IBM is in the process of developing Phantom, a security appliance that will live in the hypervisor."

He says the Phantom initiative aims to create virtualisation security technology to monitor and disrupt malicious communications between virtual machines. "It is also designed to increase the security posture of the hypervisor - a critical point of vulnerability, because once an attacker gains control of the hypervisor, they gain control of all of the machines running on the virtualised platform."

VMware has agreed to release an API that will allow security vendors to create a product that will inspect traffic at the hypervisor level. "We are hoping to plug into that API and have a package that will secure the virtualised environment," says Ballerini.

The product is still in research and will have to wait for the VMware release, so no date has been set for a live product.
