mitigating information security risks of virtualization ...€¦ · mitigating information security...
TRANSCRIPT
![Page 1: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/1.jpg)
© 2009 VMware Inc. All rights reserved
Mitigating Information Security Risks
of Virtualization Technologies
Toon-Chwee, Wee
VMWare (Hong Kong)
![Page 2: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/2.jpg)
Agenda
Virtualization Overview
Key Components of Secure Virtualization Technologies
Achieving and Demonstrating Compliance
Use Case: Securely Mixing Trust Zones
![Page 3: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/3.jpg)
Virtualization Basics
![Page 4: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/4.jpg)
Traditional View
Pools of Shared Resources
Virtual Infrastructure
Exchange
Operating System
PCI
Operating System
DNS
Operating System
CRM
Operating System
Interconnect Pool
CPU Pool Memory Pool
Storage Pool
VMware Infrastructure
VMware Infrastructure
VMware Infrastructure
VMware Infrastructure
VMware Infrastructure
![Page 5: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/5.jpg)
How Virtualization Affects Security and Compliance
Abstraction and Consolidation
• ↑ Capital and Operational Cost Savings
• ↓ New infrastructure layer to be secured
• ↓ Greater impact of attack or misconfiguration
Collapse of switches and servers into one device
• ↑ Flexibility
• ↑ Cost-savings
• ↓ Lack of virtual network visibility
• ↓ No separation-by-defaultof administration
5
![Page 6: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/6.jpg)
How Virtualization Affects Security and Compliance
Faster deployment of servers
• ↑ IT responsiveness
• ↓ Lack of adequate planning
• ↓ Incomplete knowledge of current state of infrastructure
• Poorly Defined Procedures
• ↓ Inconsistent Configurations
VM Mobility
• ↑ Improved Service Levels
• ↓ Identity divorced from physical location
VM Encapsulation
• ↑ Ease of business continuity
• ↑ Consistency of deployment
• ↑ Hardware Independence
• ↓ Outdated offline systems
• Unauthorized copy
6
![Page 7: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/7.jpg)
What not to worry about
Hypervisor Rootkits
• Examples: Blue Pill, SubVirt, etc.
• These are ALL theoretical, highly complex attacks
• Widely recognized by security community as being only of academic interest
Irrelevant Architectures
• Example: numerous reports claiming guest escape
• Apply only to hosted architecture (e.g. Workstation), not bare-metal (i.e. ESX)
• Hosted architecture deliberately include numerous channels for exchanging information between guest and host.
Contrived Scenarios
• Example: VMotionintercept
• Involved exploits where
• Best practices around hardening, lockdown, design, for virtualization etc, not followed, or
• Poor general IT infrastructure security is assumed
![Page 8: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/8.jpg)
Security Advantages of Virtualization
• Allows Automation of Many Manual Error Prone Processes
• Cleaner and Easier Disaster Recovery/Business Continuity
• Better Forensics Capabilities
• Faster Recovery After an Attack
• Patching is Safer and More Effective
• Better Control Over Desktop Resources
• More Cost Effective Security Devices
• App Virtualization Allows de-privileging of end users
• Better Lifecycle Controls
• Security Through VM Introspection
![Page 9: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/9.jpg)
Primary Compliance Issue:
Collocation of VMs on Same Physical Hardware
Virtual Infrastructure
Interconnect Pool
CPU Pool Memory Pool
Storage Pool
VMware Infrastructure
• Virtual Machines are dedicated
and isolated entities abstracted
from the physical hardware
• Isolation characteristics of VMs
and virtual networks meet
compliance requirements
• Configuration choices are key
in meeting compliance
requirements
• Misconfiguration is greatest risk
to virtual infrastructure
![Page 10: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/10.jpg)
KEYS TO A SECURE
VIRTUALIZED DEPLOYMENT
![Page 11: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/11.jpg)
How do we secure our Virtual Infrastructure?
Use the Principles of Information Security• Hardening and Lockdown
• Defense in Depth
• Authorization, Authentication, and Accounting
• Separation of Duties and Least Privileges
• Administrative Controls
For virtualization this means:• Secure the Guests
• Harden the Virtualization layer
• Setup Access Controls
• Leverage Virtualization Specific Administrative Controls
![Page 12: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/12.jpg)
Securing Virtual Machines
Host
• Anti-Virus
• Patch Management
Network
• Intrusion Detection/Prevention (IDS/IPS)
• Firewalls
12
Provide Same Protection
as for Physical Servers
![Page 13: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/13.jpg)
Isolation in the Architecture
Segment out all non-production networks
• Use VLAN tagging, or
• Use separate vSwitch (see diagram)
Strictly control access to management network, e.g.
• RDP to jump box, or
• VPN through firewall
13
vSwitch1
vmnic1 2 3 4
Production
vSwitch2
VMkernel
Mgmt Storagevnic
vnic
vnic
vCenter IP-based
StorageOther ESX/ESXi
hosts
Mgmt
Network
Prod
Network
![Page 14: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/14.jpg)
Secure/Compliant Virtualization Platform Requirements
Enterprise Features for Management Controls
Strong Access Controls Centralized Authentication
Granular Authorization Controls
Configuration Management
Audit and Logging
A Flexible and Well Defined API
![Page 15: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/15.jpg)
Enforce Strong Access Controls
Security
Principle
Implementation in
Virtual
Infrastructure
Least
Privileges
Roles with only
required privileges
Separation of
Duties
Roles applied only to
required objects
Administrator
Operator
UserAnne
Harry
Joe
![Page 16: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/16.jpg)
Maintain Tight Administrative Controls
Requirement
Configuration management, monitoring, auditing
Track and Manage VM
Updating of offline VMs
Virtual network security
![Page 17: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/17.jpg)
Achieving Regulatory Compliance
Think Security First
Design for Compliance
Understand the Scope of the Requirements
Ensure that Controls are Comprehensive
Don’t Rely on Technology Alone
Assign the Right Project Manager
Collaborate with the Auditor
![Page 18: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/18.jpg)
Use Case: Securely Mixing Trust Zones
Three Primary Configurations
• Physical Separation of Trust Zones
• Virtual Separation of Trust Zone with Physical Security Devices
• Fully collapsing all servers and security devices into a Virtual Infrastructure
![Page 19: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/19.jpg)
Physical Separation of Trust Zones
![Page 20: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/20.jpg)
Physical Separation of Trust Zones
Advantages
•Simpler, less complex
configuration
•Less change to physical
environment
•Little change to separation of
duties
•Less change in staff knowledge
requirements
•Smaller chance of
misconfiguration leading to a
security issue
Disadvantages
•Lower consolidation and utilization of
resources
•Higher cost
![Page 21: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/21.jpg)
Virtual Separation of Trust Zones with Physical Security Devices
![Page 22: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/22.jpg)
Virtual Separation of Trust Zones
with Physical Security Devices
Advantages
•Better utilization of resources
•Take Full Advantage of Virtualization
Benefits
•Lower cost
Disadvantages (can be mitigated)
•More complexity
•Greater chance of misconfiguration
![Page 23: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/23.jpg)
Fully Collapsed Trust Zones including Security Devices
![Page 24: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/24.jpg)
Advantages
•Full utilization of resources, replacing
physical security devices with virtual
•Lowest-cost option
•Management of entire DMZ and network from
a single management workstation
Disadvantages (can be mitigated)
•Greatest complexity, which in turn creates
highest chance of misconfiguration
•Requirement for explicit configuration to
define separation of duties to help mitigate
risk of misconfiguration; also requires
regular audits of configurations
•Potential loss of certain functionality, such
as VMotion (Being mitigated by vendors
and VMsafe)
Fully Collapsed Trust Zones including Security Devices
![Page 25: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/25.jpg)
Conclusion
Understand Virtualization Technology
Isolation Characteristics of VMs make Collocation of VMs Compliant
Key Components of Secure Virtualization Technologies a Must
Understand the Steps Necessary for Compliance
![Page 26: Mitigating Information Security Risks of Virtualization ...€¦ · Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) Agenda](https://reader034.vdocuments.site/reader034/viewer/2022051808/600cf47e58cb9605e974deb4/html5/thumbnails/26.jpg)
© 2009 VMware Inc. All rights reserved
Questions?