Virtual Security

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQLServerCentral.com » Editorials » Virtual Security

Virtual Security

Rate Topic

Display Mode

Topic Options

Author

Message

Steve Jones - SSC Editor

Posted Sunday, August 21, 2011 9:05 PM

SSC-Dedicated

Group: Administrators
Last Login: Today @ 11:09 AM
Points: 31,416, Visits: 13,730

Comments posted to this topic are about the item Virtual Security

Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help

Post #1163086

Chris.C-977504

Posted Monday, August 22, 2011 7:28 AM

Old Hand

Group: General Forum Members
Last Login: Tuesday, May 14, 2013 2:10 PM
Points: 349, Visits: 256

First:
I really enjoy your editorials and I read as much and as often as I can.
I’m a developer, but I unofficially serve as my group’s DBA – like many people we have DBAs who handle backups, and not much else.

Second:
About your writing in the first paragraph this morning.
Great topic, great idea. Overall you write better than I do, don’t let little mistakes give a bad impression. Sometimes it sounds ESL – which I’m sure is due to transcription errors.

First paragraph from your email at 12:49 AM Eastern:
"I have a few friends that are working *1 virtualize almost their entire computer infrastructures. They work in large and small companies, but there is a constant push to avoid the bare metal installation of any operating system onto physical hardware, making every Windows or Unix machine a virtual machine on top of a hypervisor. I was surprised to hear that companies were being to *2 aggressive, but the cost benefits can be huge, and when virtualization is done in a smart way, performance doesn't suffer."

I assume that:
*1 = "to"
and
*2 should have been "so" instead of "to" (or perhaps "too")

Thanks again for the great content and keep up the great work!

Post #1163279

Randy Rabin

Posted Monday, August 22, 2011 8:16 AM

SSC-Addicted

Group: General Forum Members
Last Login: Monday, April 15, 2013 10:41 AM
Points: 498, Visits: 508

I'm not a virtualization or security expert, but I'm a little confused over why this was/is an issue. If someone has access to the vCenter app, sure they can open the console of a VM running in the environment, but without the Windows login credentials they wouldn't be able to get very far into the system.

And even if they had Windows credentials, they could still be locked out of SQL Server itself.

I'm not saying someone with that level of access couldn't do harm. They could shut down the VM or do irreparable damage to the file system. But, I don't see how could get to the data, especially if the backups are encrypted too.

Post #1163314

Steve Jones - SSC Editor

Posted Monday, August 22, 2011 9:20 AM

SSC-Dedicated

Group: Administrators
Last Login: Today @ 11:09 AM
Points: 31,416, Visits: 13,730

There are actually some exploits that can access the virtual machine's memory or disk if they have access to the physical hardware. vMotion, or similar technologies that allow a virtual machine to move to a different physical one means that you have to be careful.

The publication of the exploits, and scripts, mean that you don't necessarily have to be a genius to take advantage of these items.

Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help

Post #1163369

Steve Jones - SSC Editor

Posted Monday, August 22, 2011 9:21 AM

SSC-Dedicated

Group: Administrators
Last Login: Today @ 11:09 AM
Points: 31,416, Visits: 13,730

chris.compton-977504 (8/22/2011)

Thanks for the note. The review/proof of the work sometimes gets shortchanged at times. Corrections have been made.

Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help

Post #1163371

« Prev Topic | Next Topic »

Permissions