SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Virtual Security


Virtual Security

Author
Message
Steve Jones
Steve Jones
SSC Guru
SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)

Group: Administrators
Points: 144522 Visits: 19424
Comments posted to this topic are about the item Virtual Security

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
JChrisCompton
JChrisCompton
Mr or Mrs. 500
Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)Mr or Mrs. 500 (522 reputation)

Group: General Forum Members
Points: 522 Visits: 283
First:
I really enjoy your editorials and I read as much and as often as I can.
I’m a developer, but I unofficially serve as my group’s DBA – like many people we have DBAs who handle backups, and not much else.


Second:
About your writing in the first paragraph this morning.
Great topic, great idea. Overall you write better than I do, don’t let little mistakes give a bad impression. Sometimes it sounds ESL – which I’m sure is due to transcription errors.

First paragraph from your email at 12:49 AM Eastern:
"I have a few friends that are working *1 virtualize almost their entire computer infrastructures. They work in large and small companies, but there is a constant push to avoid the bare metal installation of any operating system onto physical hardware, making every Windows or Unix machine a virtual machine on top of a hypervisor. I was surprised to hear that companies were being to *2 aggressive, but the cost benefits can be huge, and when virtualization is done in a smart way, performance doesn't suffer."

I assume that:
*1 = "to"
and
*2 should have been "so" instead of "to" (or perhaps "too")

Thanks again for the great content and keep up the great work!
Randy Rabin
Randy Rabin
SSChasing Mays
SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)SSChasing Mays (626 reputation)

Group: General Forum Members
Points: 626 Visits: 561
I'm not a virtualization or security expert, but I'm a little confused over why this was/is an issue. If someone has access to the vCenter app, sure they can open the console of a VM running in the environment, but without the Windows login credentials they wouldn't be able to get very far into the system.

And even if they had Windows credentials, they could still be locked out of SQL Server itself.

I'm not saying someone with that level of access couldn't do harm. They could shut down the VM or do irreparable damage to the file system. But, I don't see how could get to the data, especially if the backups are encrypted too.



Steve Jones
Steve Jones
SSC Guru
SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)

Group: Administrators
Points: 144522 Visits: 19424
There are actually some exploits that can access the virtual machine's memory or disk if they have access to the physical hardware. vMotion, or similar technologies that allow a virtual machine to move to a different physical one means that you have to be careful.

The publication of the exploits, and scripts, mean that you don't necessarily have to be a genius to take advantage of these items.

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Steve Jones
Steve Jones
SSC Guru
SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)SSC Guru (144K reputation)

Group: Administrators
Points: 144522 Visits: 19424
chris.compton-977504 (8/22/2011)
First:
I really enjoy your editorials and I read as much and as often as I can.
I’m a developer, but I unofficially serve as my group’s DBA – like many people we have DBAs who handle backups, and not much else.


Second:
About your writing in the first paragraph this morning.
Great topic, great idea. Overall you write better than I do, don’t let little mistakes give a bad impression. Sometimes it sounds ESL – which I’m sure is due to transcription errors.


Thanks for the note. The review/proof of the work sometimes gets shortchanged at times. Corrections have been made.

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search