Overview-
Virtualization has become the necessity for all organizations irrespective of their sizes. Virtualization reduces costs and enables organizations to get more out of their technology investment. As virtualization is a vast area, proper knowledge to use it in the best possible way is the key to success.
Introduction: The term virtualization is a type of process used to create a virtual environment. The virtualization allows a user to run multiple operating systems on one computer simultaneously. It is creation of virtual (rather than actual) version of something such as an operating system, a server or network resources. For many companies, virtualization can be viewed as a part of an overall trend in IT environment which will be able to manage itself based on perceived activity and utility computing. The important goal of virtualization is to reduce administrative tasks while improving scalability and workloads.
Security Needs: Many organizations are thinking about the security implications after they deploy new technology. Virtualization provides many benefits which makes easy sell into IT architectures. The virtualization can save money, increases business efficiency, decreases down time during maintenance without affecting business and causing disruptions and doing more work with less equipment. Of course there are, many ways to implement virtualization in IT sectors using network virtualization, storage virtualization, server virtualization and desktop virtualization. Each type may contain some sort of security risk. There are many solutions for virtualization types. The important thing is that, virtualization can improve the security but it does not have capability to stop all the attacks.
Virtualization can be used in many ways and requires appropriate security controls in each situation. This article will explore the ways you can use virtualization to increase the security of your windows environment.
Following are the few ways to minimize risks and improve the security using virtualization:
- Sandboxing:
It is a security mechanism for separating running programs which is often used to execute untested code or untrusted programs from unverified third parties, suppliers and untrusted websites. The main goal of sandboxing is to improve virtualization security by isolating an application to prevent from outside malware, harmful viruses, applications that stops execution etc. If you have any application which is unstable or untested, simply put it in a virtual machine, so that it does not affect the rest of the system.
Sometimes you may get malicious attack to your application while running in the browser, so it is always a good practice to run your programs in a virtual machine. Sandbox technology closely related to virtualization. The virtual computing offers some of the benefits of sandboxes without having to pay premium for new machine. The virtual machine has connection to internet, not to the company LAN. So it protects operating system and programs form virus or harmful attacks on the virtual machine.
- Server Virtualization
Server virtualization is masking of server resources which helps in partitioning the physical server into smaller virtual servers to maximize resources. The administrator divides physical server into multiple virtual environments. Now a day, official records are stolen by hackers from servers. Server virtualization allows small virtual servers run its own operating system and independently rebooted of one another. Virtualized servers are used to identify and isolate applications which are unstable and compromised applications.
It is mostly used in web servers which provide low cost web hosting services. Server utilization manages complicated details of server resources while increasing the utilization and maintaining capacity. Virtualized server makes easier to detect malicious viruses or damaging elements, protects the server, virtual machines and the entire network.
The benefit of using server virtualization is that, it creates hardware abstraction layer between x86 hardware and operating system. It also reduces the density of virtual servers to physical server hardware. Server virtualization creates image of a server which makes easy to determine if the server is acting abnormally.
- Network Virtualization
It is the combination of hardware and software network resources and combines network functionality into single virtual network. With network virtualization, virtual networks minimize the effect of the malware when infecting the system. Network virtualization creates logical, virtual networks from underlying network hardware to better integrate with virtual environments.
The important feature of the network virtualization is isolation. It allows composing dynamically multiple virtual networks that co-exist together in isolation to deploy customized end-to-end services on the fly. They are managed on those virtual networks for the users by sharing and utilizing network resources gained from infrastructure providers.
Another main feature of network virtualization is – segmentation, in which the network is divided into sub networks and dividing of this process leads to boosting performance by minimizing local traffic in the network and improving security by making internal network structure invisible from outside. Network virtualization is also used to create virtualized infrastructure to support complex requirements by creating single instance of software application serving to multiple customers.
- Hypervisor Security
The term hypervisor means small software or hardware that creates and runs virtual machines and the machine which contains hypervisor are called as host machine. Hypervisor security enables virtualization by using hypervisor including development, implementation, provisioning and management.
There are some security recommendations for hypervisor as follows:
- Install the updates of hypervisor released by the vendor or sometimes most of the hypervisors will have automatic updating of software and install when updates found.
- Secure with thin hypervisors which makes deployment easy and run efficiently with minimal computing overhead and reduces the attack by malicious code that could reach the hypervisor.
- Don’t connect unused physical hardware to host system, unused NIC’s from any network. Sometimes disk drive is used for backup the data, so unused devices should be disconnected when they are not actively being used for backup.
- If you don’t need file sharing service or any other service between the guest OS and the host OS, then disable those services which are not needed.
- There must be security between guest OS’s to communicate and non-virtualized environments were handled by security controls such as firewalls, network appliances etc.
- Desktop Virtualization
It allows creating, modifying or deleting the images and separates desktop environment from the physical computer that is used to access it. Administrator can easily manage employees’ computers and protect it from the unauthorized access or introduction of viruses. It provides more security to the user by providing guest OS image for desktop environment and it doesn’t allow copy or saving of data to the disk than the server. In this way it makes desktop virtualization more secure.
- Infrastructure Security
The virtualized information infrastructure allows controlling the access to resources and maintains visibility to ensure information handling. All the activities within the computing environment need to be tracked though the infrastructure.
- Virtual Switches
It is a software program which provides security by using isolation, control and content inspection techniques between virtual machines and allows one virtual machine to communicate with another.
It does not allow to perform inter switch link attacks. The main purpose of virtual switch is to provide network connectivity to communicate with virtual machines and applications within the virtual network to physical network.
- Guest OS Security
It is the operating system in a virtual machine to host the main operating system and shares resources with other virtual machines on the same host. Virtualization allows sharing information with OS by using disks or folders created by networked disks.
It contains some security concerns such as updating guest OS systematically, keep the back up of virtual drives and apply same policy for non-virtualized computers. Never connect unused physical hardware to host system, because sometimes disk drive is used for backup the data, so unused devices should be disconnected when they are not actively being used for backup.
- High availability and disaster recovery
Now a day, first thing is to preserve the data and availability of services in the IT sectors. Virtualization reduce the time and cost of the disaster recovery by backing up the data in large unique file which saves the time when reinstalling OS and restoring the data. It allows restoring virtual machine in any host the meet the power requirements and also provides facility to recover physical failure without wasting more time.
- Server Isolation
The virtualization uses server isolation for the primary business purpose. We can run multiple servers on one virtual machine without virtualization, but there is a risk of having multiple servers on single server. Virtualization allows running multiple servers on a single machine while isolating servers from one another because they are running on separate virtual machines.
Summary: Virtualization has made huge impact in the IT business environment. Virtualization provides new security considerations for many firms by maximizing computing and infrastructure resources. Properly deployed virtualization techniques can provide security to the software, hardware, storage and network environment. But virtualization is only one of many tools in the security arsenal. So other security aspects should also be considered during the design of any application software.