Misconceptions surrounding security in a virtualized environment

Transcription

1 Misconceptions surrounding security in a virtualized environment Clavister White Paper ization is a boom technology, and it is imperative that this environment is secure as any other part of the network. It is important to: Understand how virtualization will affect data security in your new environment Incorporate virtualization into your security policy Ensure that you know what you need to do to maintain security in a virtualized environment Check that you have the right technology solutions in place to meet the needs of your particular organization and the most appropriate tools and processes for smooth implementation and efficient administration Overview While adverse global economic conditions may be affecting other sectors of the IT market, the virtualization explosion continues. Industry analysts report that between 60 to 80 per cent of IT departments are pursuing server consolidation projects in an attempt to reduce operating costs and increase efficiency. Because it allows organizations to achieve significant savings in their data center operations, ization is fast becoming a mainstream technology and an integral part of IT infrastructures. However, like many popular trends, it can be implemented in a rush of enthusiasm without considering the impact that this can have on the business including that of security. What is virtualization? ization allows organizations to achieve significant savings by providing a layer of abstraction between computer hardware systems and the software running on them. It uses a hypervisor software program that allows multiple operating systems to share a single hardware host, thus creating shared pools of resources and enabling the creation of many virtual machines on just one physical server. Before virtualization, if a company wanted to run applications requiring different operating systems, they needed to invest in multiple servers. By enabling one server to run multiple operating systems and so a broader set of applications, virtualization allows companies to use their existing servers to full capacity rather than investing in new ones. This dramatically improves the efficiency and availability of resources and applications and gets rid of the one server, one application idea that leads to underutilization of resources and more complex management. A boom market In the early 1990s, virtualization technologies were used primarily to recreate end-user environments on a single piece of mainframe hardware, enabling IT administrators to test new software on different operating systems. Interest faded with the advent of the x86 architecture but was regenerated when industry leader VMware developed the first hypervisor for the x86 architecture. That sowed the seed for the current virtualization boom, and industry analyst, Gartner, recently placed virtualization at the top of its list of the ten most important strategic technologies for we are network security

2 Gartner I defines a strategic technology as one with the potential to have significant impact on an enterprise and to transform its business initiatives. It predicts not only an increase in virtualization of servers, but also of storage and client devices and says virtualization will dominate the market for at least the next three years. lication Operating system Environment lication Operating System Machine lication Operating System Machine Infrastructure lication Operating System Machine Storage Network Network Servers Storage ization allows several operating systems to run on a single machine. Create shared pools of resources to optimize your infrastructure. Figure 1: ization allows several operating systems to run on a single machine To further underline the virtualization boom, VMware reports that its solutions are now used by more than 120,000 IT organizations worldwide including all of the Fortune 100 companies. Benefits of virtualization izing your infrastructure not only enables you to reduce costs, but it also increases the efficiency, utilization rates and flexibility of existing IT assets. The ability to pool infrastructure resources means that you get more out of your hardware and can eliminate the one server, one application model. Reducing the physical infrastructure reduces data center costs. Not only do you have to buy fewer servers, but power and cooling requirements are lowered and fewer staff are needed to manage the infrastructure. Industry specialist VMware says its customers typically save 50 to 70 per cent on overall IT costs by consolidating their resource pools and delivering highly available machines with VMware infrastructure. VMware also says that for every server virtualized, US$700 and 7,000kWh a year are saved and four tons of CO2 emissions are also saved each year. A 10:1 consolidation equates to between 80 and 90 per cent less energy used. High availability of both hardware and applications is increased through efficient and secure backup and the elimination of unplanned downtime. In turn, this improves business continuity. ization enables faster server provisioning and application deployment giving organizations the flexibility to quickly respond to market changes. Desktop manageability and security is improved through the ability to deploy, manage and monitor secure desktop environments that users can access locally or remotely, with or without a network connection. Challenges and misconceptions While there are many undoubted benefits associated with virtualization, the implementation of this comparatively new technology is also surrounded by a number of potentially dangerous misconceptions that arise principally from a lack of understanding. Dangerous assumptions A recent YouGov II survey commissioned by Clavister found that more than forty per cent of IT directors and managers that have implemented server virtualization may have left their IT networks open to attack because they wrongly believed that security was built in. This lack of understanding is one of the most dangerous misconceptions surrounding virtualization and it was recently underlined by Neil MacDonald, a Vice President at respected analyst firm, Gartner: ization, as with any emerging technology, will be the target of new security threats. Many organizations mistakenly assume that their approach for securing virtual machines will be the same as securing any operating system and thus plan to apply their existing configuration guidelines, standards and tools. While this is a start, simply applying the technologies and best practices for securing physical servers will not provide sufficient protection for virtual machines. I Source: Gartner Identifies the Top 10 Strategic Technologies for 2009 Gartner, October II All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 212 private sector IT or Telecoms Directors and Senior Managers. Fieldwork was undertaken between 22nd - 29th September The survey was carried out online.

3 He added that in the rush to adopt virtualization, many security issues are overlooked and best practices not applied. Gartner predicts that as a result, 60 per cent of production virtual machines will be less secure than their physical counterparts throughout Gartner advises that the process of Machines are not allowed to talk with each other without first going through the Security Gateway (VSG). All security inspections which would have been performed by a physical security gateway are carried out by the VSG in the virtual environment. DMZ1 DMZ2 DMZ3 VM VM VM VM Security Gateway (VSG) Clavister Infrastructure Security Gateway Security Gateway Switch (VLANS) Network ization Layer Internet Hardware Figure 2: Securing the virtual environment securing virtual machines must start before they are deployed and even before vendors and products are selected so that security and securability can be factored into the evaluation and selection process. ization offers new points of attack and gives access to a far wider number of applications than a traditional physical server, adds Andreas Åsander, VP product management at Clavister. It is vital that IT staff take steps to achieve the same level of security in their virtualized environment that they had in their traditional, physical environment. Different security requirements One of the main challenges of virtualization is the need to ensure that the security of your infrastructure has not been compromised by the transition. Many people assume that the security of a virtualized environment is just like that of a physical environment but this is not the case! Security in a physical environment is based on the servers being fixed and easily identified by their rack, row number or other physical details. However, in a virtual environment, everything is dynamic and constantly changing. In essence, machines loose their identity making them difficult to check out. The misconception is that everything is secure because the environment is still protected by a firewall but that does not apply in a virtualized network, explains Åsander. The reality is that a lot of applications running inside a virtual infrastructure are communicating with each other. Before it was virtual these were standing on different legs of the firewall with different interfaces so when the physical servers communicated with each other, those communications had to be through the firewall. In the virtual environment, they don t have to do that. The traffic does not have to leave the virtual infrastructure at all so they do not get the security that a firewall offers. Basically, virtualization means that they have torn down all these barriers within the security mechanism of the network. Problems can come from employees who have direct access that is not protected by firewalls and a worm or Trojan can infect a less secure machine such as a community portal or forum on the Web server. Segmentation in a physical environment prevents these from spreading but in a virtualized environment you do not have that segmentation so a hacker in your Web system can easily jump over to your financial systems or databases. One solution is to create a number of different virtualized systems but this negates the value of a virtualization because you end up with multiple systems to track and manage. Such an environment does not benefit from redundancy and disaster recovery tools and makes lab testing expensive and complex. It also increases the risk of costly service downtime in the event of security appliance hardware failures.

4 Security Gateway a firewall within the virtual infrastructure The most effective way to reap the benefits of virtualization but maintain security is to implement a Security Gateway which is a firewall that runs inside your virtual infrastructure and ensures that security policies are enforced for all communication inside the virtual environment. machines are not allowed to talk to each other unless they go through the security gateway. A Security Gateway such as that developed by Clavister uses VPN encryption to secure communication between virtual machines. Since the Security Gateway can be run inside the virtual infrastructure, security auditing can be achieved and so regulatory compliance requirements can be met. Users have the scalability to simply deploy new security gateways as they expand their environment. Also, since the virtual security gateway is part of the virtual infrastructure, it becomes easier to create lab test environments which decreases complexity of security tests and in turn, improves the overall security. The VSG protects the virtual environment from security threats including inter-vm attacks and external attacks. VSG1 VSG2 VSG3 VSG4 DMZ1 DMZ2 DMZ3 VSG Clavister Infrastructure Clavister Infrastructure Protecting the Data Center Protecting the Enterprise Figure 3: The power of Clavister Security Gateway (VSG) With this in mind, virtualization should be included in your security policies. It should encompass virtualization, protecting the virtual administration center and only allow access to this from a separate network, and minimise the number of administrators with access to the virtualization administration tools. Think networks not servers A common problem facing those who intend to virtualize their environment is that the main drivers of reducing the estate, decreasing administration and cutting costs all concern servers, so the projects are traditionally run by server people and not network specialists. They start off the project, implement it, migrate from physical to virtual servers and set up their own network inside the virtual infrastructure just to make it work. Rarely, along this route, do they think about how this affects security because they still have the same anti-virus software installed that they used in the physical environment. Companies must apply the same basic principles of network security no matter whether it is a virtual or physical infrastructure and not be tempted to neglect defined policies just because they are going virtual. If there are network security specialists then they must be brought into the project from the beginning. If it is realized much later in the project that network security has been compromised or, in the worst case, if there is a security breach, then it will land in the laps of those responsible for the network so it is better to involve them from the start. Test, test then test again Many IT managers still do not conduct the appropriate level of testing necessary to ensure that the new system fulfils all policies and expectations. It is vital to conduct exhaustive tests to evaluate security levels.

5 Replicating the production environment to a test environment is easy with virtualization and this should be utilized. You should try to hack into the systems and try to run standard out-of-the-box toolkits to pinpoint any glitches that may cause problems. Test what you will do in an emergency at the planning stage before you may face it in real life. Right tools for the job Do not assume that the tools and processes that ensure security in your physical environment will work in the virtualized world because they won t. Typical scanning and provisioning tools for assessing the IT environment pinpointing what applications are running and patch management are designed for static, physical boxes not for machines that are constantly changing their nature and identity or moving from one host to another. Also, cloning a virtual machine to create several identical copies can make it difficult to identify the various clones, resulting in management and maintenance problems. The answer is to check out the effectiveness of your current tools and where necessary have them re-instrumented. Keeping track Because it is so easy to create new virtual machines, there is a danger that this can get out of hand and you might quickly end up with a large number of systems with unknown configurations, a particular problem in large environments. It is a good idea to set up automated means to keep track of the hosts, virtual machines and other virtualized infrastructure objects such as clusters, resource pools and folders. Also set up regular audits of event logs for abnormal activity. When you start up a new virtual machine, it is also good to create a lifecycle plan for it and to use automated steps and reminders to manage that lifecycle. Regularly check if it is still in use or set a date for it to be turned off, otherwise you will have exponential growth that will never go away. Build in an approval process for better governance. Be aware of change Many IT managers are not aware of all the changes that take place when moving from a physical infrastructure to a virtualized one. It is necessary to learn about these changes to gain a better understanding of where to focus effort around securing your virtualized environment. In the virtualized environment, a management interface connects the virtualization hosts, management servers, IP-based storage and ancillary services such as authentication and monitoring. Since the virtual machines and hypervisor interfaces are isolated, the most important action to a secure virtual environment is to separate the management layer from the network traffic and so avoid the spread of problems from one machine to the virtualization layer or to any other virtual machine. In addition to creating virtual machines, you can also create virtual networks with virtual switches. However, while this saves money and adds greater flexibility, creating a large number of switches can affect network security. Security tools used in a physical network rely on accessing the traffic traversing physical switches but when the switch is virtual another way must be found to access the network traffic by, for example, running a virtual appliance. It is also important to be aware of the separate roles and responsibilities of different teams when moving to virtualization. Since a single administrative interface controls both the virtual machines and virtual networks it is important to properly define the roles and responsibilities of server, network and security teams. The ability to easily change virtual switches on virtual machines with a simple drop-down menu brings useful flexibility and efficiencies, but it also increases the risk of misconfiguration. Effective change controls, log and event monitoring must be imposed to combat this problem. Summary Beyond the potentially dramatic cost savings, virtualization can greatly enhance an organization s operating agility. Companies that employ clustering, partitioning, workload management and other virtualization techniques to configure groups of servers into reusable pools of resources are better positioned to respond to the changing demands their business places on those resources. However, before you create virtual infrastructures to reduce cost and improve the operational efficiency of your IT environment it is important to separate fact from fiction and to fully understand all the implications. Strengthen your grasp on just how virtualization will affect data security in your new environment and what you need to do about it. Check that you have the right technology solutions in place to meet the needs of your particular organization and the most appropriate tools and processes for smooth implementation and efficient administration. Addressing the many misconceptions surrounding this new technology will enable you to reap the benefits of the virtualization boom, turning your technology into a strategic business advantage.

6 About Clavister Since 1997, Clavister has been delivering leading network security solutions, providing commercial advantage to tens of thousands of businesses worldwide. The Clavister family of unified threat management (UTM) appliances and remote access solutions provide innovative and flexible network security with world-class management and control. Clavister has pioneered virtual network security, and this along with its portfolio of hardware and software appliances gives customers the ultimate choice. Clavister products are backed by Clavister s award-winning support, maintenance and education program. Headquartered in Sweden, Clavister s solutions are sold through International sales offices, distributors, and resellers throughout EMEA and Asia. To learn more, visit. Contact Information General Information info@clavister.com Sales Information sales@clavister.com Technical Support support@clavister.com Ordering Information order@clavister.com Partner Information partner@clavister.com we are network security Clavister AB, Sjögatan 6 J, SE Örnsköldsvik, Sweden Phone: +46 (0) Fax: +46 (0) Web: info@clavister.com The Clavister logo and all Clavister product names and slogans are trademarks or registered trademarks of Clavister AB. Other product names and/or slogans mentioned herein may be trademarks or registered trademarks of their respective companies. Information in this document is subject to change without prior notification. CID: CLA_WP_MISCONCEPTIONS (2009/03)