{"id":2054,"date":"2011-10-31T14:55:17","date_gmt":"2011-10-31T09:25:17","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=2054"},"modified":"2011-10-31T14:55:17","modified_gmt":"2011-10-31T09:25:17","slug":"how-to-secure-a-virtualized-environment","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/how-to-secure-a-virtualized-environment\/","title":{"rendered":"How to secure a  virtualized environment?"},"content":{"rendered":"<p style=\"text-align: justify\">We had already gone through how virtualization works and the benefits it provides in an earlier blog, <a title=\"\u2018Server Virtualization\u2019 simplified\" href=\"https:\/\/www.qadit.com\/blog\/?p=1812\" target=\"_blank\">\u2018Server Virualization Simplified\u2019<\/a>, in June 2011. Now let us find out how to secure a virtualized environment.<!--more--><\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: justify\">NIST (National Institute of Standards and Technology \u2013 an agency of the US Department of Commerce), whose security guidelines for Information Security are widely acclaimed and followed, has prescribed a special publication 800-125 for securing virtualized environments. Gist of the NIST guidelines is given below. Readers may refer to the above mentioned guidelines to know more about each of the following recommendations.<\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: justify\">1.\tHost OS and Guest OS should be secured as per the organization\u2019s security policy and procedures relating to that OS. Best security practices relating to patch management, securing configuration baselines, anti-virus software, etc should be implemented.<br \/>\n2.\tApplication level controls should be implemented on all the applications hosted in the Guest OS.<br \/>\n3.\tHypervisor specific security measures:<br \/>\na.\tLatest software patches relating to the hypervisor should be applied. Unused virtual hardware and unneeded hypervisor services should be disabled.<br \/>\nb.\tPhysical controls should be applied to the hardware hosting the hypervisor.<br \/>\nc.\tAccess to virtualization management systems should be restricted to only authorized administrators through secure logins.<br \/>\nd.\tEnsure that the virtualization software is capable of monitoring communications between guest OS within the Host OS.<\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: justify\">On a reading of the above. one may observe that most of the security measures are familiar. It is true, except that one should not stop with securing the host OS alone but also secure all the components of the virtual environment including the guest OS, hypervisor and the resident applications.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We had already gone through how virtualization works and the benefits it provides in an earlier blog, \u2018Server Virualization Simplified\u2019, in June 2011. Now let us find out how to secure a virtualized environment.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[6],"tags":[199],"class_list":["post-2054","post","type-post","status-publish","format-standard","hentry","category-os-security","tag-virtualization"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-x8","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2054","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=2054"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2054\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=2054"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=2054"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=2054"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}