Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Virtual Security

By Steve Jones,

I have a few friends that are working to virtualize their entire computer infrastructures.  They work in large and small companies, but there is a constant push to avoid the bare metal installation of any operating system onto physical hardware, making every Windows or Unix machine a virtual machine on top of a hypervisor. I was surprised to hear that companies were being so aggressive, but the cost benefits can be huge, and when virtualization is done in a smart way, performance doesn't suffer.

However virtualization can change security, especially when you have VMs that are allowed to move from physical host to physical host. The state of New Mexico embarked on a similar project, and were concerned over security of the virtual machines. Their department had dismissed some employees because of a security breach a few years earlier and security was on the forefront of their minds. Additional security as well as network controls were used in their project, and I hope they also implemented strong auditing procedures.

As we move to newer infrastructures that include virtualization, physical security becomes more important, and additional controls are needed. The ability for someone to potentially move a VM outside of a data center, or even to a less secure remote data center becomes a point of concern. Moving the storage itself might be an even bigger problem as virtual storage becomes more commonplace.

Ultimately, however, we can't all have dedicated security employees, nor can we expect every DBA, sysadmin or even security officer to be able to protect against and mitigate all attack vectors. Auditing is ultimately the best way to handle breaches. We can't prevent all of them, but responding quickly, learning, and perhaps more importantly informing the appropriate people to be ready to respond to the information disclosure. 

Steve Jones


The Voice of the DBA Podcasts

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 96 | Views in the last 30 days: 2
 
Related Articles
ARTICLE

Physical Security

The physical security of our systems might be a bigger problem in the future as more and more hacker...

ARTICLE

Virtualization for Security

This editorial was originally published on Nov 7, 2006. It is being re-run as Steve is at SQL in the...

ARTICLE

Podcast Announcements

Podcast Feeds

ARTICLE

Virtual Conversions

Virtualization is becoming more and more popular, being implemented in many companies every day to r...

FORUM

virtualization

virtualization

Tags
editorial    
security    
virtualization    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones