Protecting VMs in a Multi-Tenancy Environment

Protecting VMs in a Multi-Tenancy Environment
Prepared by: XenServer Engineering
www.citrix.com

Table of Contents
1. Executive Summary
2. Introduction
3. Preventing Vulnerabilities with XenServer
4. Conclusion

1. Executive Summary

Segregation of network data is a basic business requirement when deploying applications, desktops or virtual machines in an environment where you cannot trust all users of the network. This is an inherent issue in public and private clouds because of the lack of physical segregation of systems. XenServer, and cloud infrastructures built on XenServer, provide the high level of protection needed by organisations and regulatory authorities. The technologies chosen, tried and trusted in global organizations, have been improved and extended in XenServer 6.1.0. This white paper highlights the VLAN improvements, VM-aware multi-tenancy extensions, and the updated Open vSwitch. XenServer is a key enabler for Software Defined Networks: the virtualised network infrastructure that many cloud service providers and large enterprises are now deploying.

1.1. Audience

This white paper is aimed at those who are interested in using a public cloud to host their applications, desktops or multi-purpose virtual machines (VMs), and are looking for a greater understanding of the protections available to ensure their network traffic cannot be intercepted or confused with that of other users of that cloud. Businesses using a private cloud to host VMs from distinct functional groups or sub-organizations are subject to the same concerns, and this white paper is equally applicable to them. The target reader will have an understanding of the technical issues around networking and VM segregation in a hosted environment.

2. Introduction

Security is often the primary concern voiced by organisations and business units when considering a move to a cloud hosted solution. All organisations need to be sure that their resources and data are secure, and that other organisations cannot access them without authorisation. Of particular concern is network data: it must be possible to secure data pathways when sharing any networking resource (e.g. physical switches or network interface cards), to prevent malicious or accidental unauthorized access or denial of service, while also being certain that network data destined for your VMs cannot end up being visible to others, and that there is no opportunity for them to snoop on data either entering or exiting your VMs. Segregation of data is paramount, and this white paper addresses a number of ways in which Citrix XenServer 6.1.0 provides even greater protection in the network sphere.

2.1. Specific concerns

There are many examples of situations in which network data from one organisation or department needs to be segregated. These might include:

- Large enterprises needing to isolate HR records, finance, customer credit card details and Intellectual Property assets;
- Organisations ensuring separation of business unit applications and data;
- Outsourced development requiring separate areas for each development activity;
- Healthcare organisations with statutory responsibilities to ensure patient record confidentiality;
- Universities needing to partition examinations, enrolment details and commercial research from their other teaching and research activities;
- Telcos and network service providers having to separate billing, CRM, payment systems, reseller portals and application hosting environments;
- Financial organisations needing to isolate client details and partition trading, wholesale and retail banking for regulatory reasons;
- Governments having the requirement to partition records for taxation, welfare, healthcare, education and other departments.

Production environments need to be logically separated from Development and Test infrastructures. Publicly facing web services must be separated from systems containing confidential data.

In all of the cases noted above, the physical or virtual system performing the different activities must be isolated: XenServer uses hypervisor and memory separation techniques to ensure virtual machine isolation even when sharing the same physical host. However, as soon as these systems send data over a shared network, the security of that data is vulnerable. Administrators and auditors need to be confident that network traffic can only be accessed by the intended recipient.

There are two general approaches by which rogue, or malicious, actors can attempt to disrupt network traffic for which they are not authorised: interception and impersonation.

Interception is when a third party reads data intended for some other recipient, whether it is incoming or outgoing. It is sometimes referred to as sniffing, and can take place either on a machine which is hosting a set of VMs, or on any of the switches in the network between the communicating parties.

Impersonation, or spoofing, is when a third party masquerades as another, with the intention of receiving data intended for another party, fraudulently accessing another system, or disrupting the transmission of data. Impersonation can occur at either the Ethernet layer (ARP spoofing) or at the IP layer (IP spoofing); both can cause network traffic to be misrouted or lost.

- ARP spoofing: the aim is to associate the attacker's MAC address with the IP address of another node (such as the default gateway). Any traffic meant for that IP address would be mistakenly sent to the attacker instead.
- IP spoofing: the attacker creates IP packets with a forged source IP address, with the purpose of concealing the identity of the sender or impersonating another computing system.

Both types of spoofing can also occur due to incorrect configuration by system administrators, causing unintentional, but often equally disastrous, consequences.

3. Preventing Vulnerabilities with XenServer

XenServer 6.1.0 contains enhanced controls which simplify and improve protection against both types of attack: interception and impersonation. These features are explained in more detail below. There are also further measures which can be applied using advanced techniques, briefly described in the final part of this section.

3.1. VLAN Improvements

Virtual Local Area Networks (VLANs) are the industry standard technique to segregate network traffic, thus preventing interception by unauthorised parties. Almost all physical switch vendors support the technology, with a maximum of 4,096 separate VLANs on a single Layer 2 (L2) network. All packets from each system on the VLAN are tagged so that all switches on the network know that they should be kept distinct. This tagging can also be performed by XenServer, allowing network segregation of VMs on the same host. The operation of the VLAN is therefore transparent to the bare metal machines and VMs on the VLAN. XenServer 6.1.0 does not introduce VLANs; XenServer can be configured to tag traffic from any VM with any legal VLAN assignment, and traffic from external sources tagged with the correct VM's VLAN will have the tag stripped transparently before the traffic passes to the VM.

Two major improvements in XenServer 6.1.0:

1. Scalability: In XenServer 6.1.0, significant improvement has been made in performance when using many VLANs in the same pool. Although previously supported, it is now practical to route thousands of VLANs.
2. Trunking: XenServer 6.1.0 can be configured to pass tagged traffic to VMs. This allows advanced networking capabilities to be provided by virtual appliances, for example software VPNs and software routers.

3.2. Multi-Tenancy Extensions

Security extensions in the XenServer networking stack enable administrators to protect against impersonation and interception as discussed above. In the XenServer 6.1.0 release, these extensions are enabled and configured by additional persistent VM configuration options. This means that VMs remain protected during migration, power events and other pool administrative tasks. The new multi-tenancy extensions allow XenServer administrators to lock a virtual switch port to a MAC address and a list of IPv4 or IPv6 addresses. This means that when these extensions are deployed, VMs cannot:

1. Impersonate any other VM;

2. Intercept traffic intended for any other VM.

XenServer will ensure that traffic from a VM on a locked port is dropped if it does not come from the MAC address and IPv4/IPv6 addresses associated with that port, thereby protecting all other VMs on that host from malicious attacks from that VM.

3.3. Open vSwitch

XenServer 6.1.0 also includes an improved version of the Open vSwitch (OVS) [1], an OpenFlow [2] compliant virtual switch. This component provides switch functionality to XenServer, including:

- the ability to create and maintain fine-grained routing rules on a host-by-host level;
- managing access control lists on a MAC or IPv4/IPv6 basis;
- creating GRE tunnels between XenServer hosts and other enabled switches.

This functionality allows XenServer hosts to be used as part of a larger, software-defined network (SDN). Although administrators do not need to interact with the OVS directly in order to take advantage of the capabilities listed above, an increasing number of cloud service providers and large enterprises are beginning to leverage the advantages offered by SDNs.

4. Conclusion

XenServer 6.1.0 provides additional protection for organisations who wish to ensure high levels of segregation for their network data, whether between departments in a private cloud, or between different customers in a public cloud. The use of VLANs, now better supported in XenServer 6.1.0, together with the multi-tenancy extensions allows organisations to enjoy the levels of protection that they require across multiple use cases. Further advanced techniques using the Open vSwitch, which is part of XenServer 6.1.0, allow even greater control and integration of XenServer into the virtualised network infrastructure that many cloud service providers and large enterprises are now deploying.

[1] To learn more about the Open vSwitch, see http://openvswitch.org/
[2] To learn more about OpenFlow, see http://www.openflow.org/wp/learnmore/
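To make the two mechanisms of sections 3.1 and 3.2 concrete, the following is an added example, written for this page and not code from the white paper or from XenServer's own networking stack. It models a virtual switch port: a frame sent by a VM is first checked against the port lock (one MAC address plus the list of IPv4/IPv6 addresses the VM may use as a source, so MAC spoofing, ARP spoofing and IP spoofing are all dropped at the port), then 802.1Q-tagged with the VIF's VLAN; a tagged frame coming back from the shared network is delivered, with the tag stripped, only to a VIF on that VLAN. The Ethernet, 802.1Q, ARP and IP layouts are the real wire formats; the VIF records, MAC and IP addresses and every frame are constructed sample data, and the decision to drop any frame the lock cannot attribute (neither ARP, IPv4 nor IPv6) is this model's choice, not a statement about XenServer's behaviour.

```python
"""Added example, not code from the white paper or from XenServer: a small model of a
virtual switch port giving the protections of sections 3.1 and 3.2, i.e. a port lock
(one MAC plus allowed IPv4/IPv6 source addresses) checked on ingress, 802.1Q tagging
on the way out, and delivery to a VIF only inside its own VLAN. Frame layouts are the
real wire formats; the VIF records and sample frames below are constructed."""
import ipaddress
import struct
from dataclasses import dataclass

ETH_VLAN, ETH_ARP, ETH_IPV4, ETH_IPV6 = 0x8100, 0x0806, 0x0800, 0x86DD

@dataclass
class VIF:
    vlan: int                   # access VLAN of this virtual interface
    mac: str                    # the MAC address the port is locked to
    allowed: tuple = ()         # IPv4/IPv6 addresses the VM may use as source

def mac_bytes(mac):
    return mac if isinstance(mac, bytes) else bytes.fromhex(mac.replace(":", ""))

def build_frame(dst, src, ethertype, payload, vlan=None):
    """Ethernet II frame; an 802.1Q tag (priority 0, VID=vlan) is inserted if vlan is given."""
    hdr = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        hdr += struct.pack("!HH", ETH_VLAN, vlan & 0x0FFF)
    return hdr + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return (dst, src, vlan or None, ethertype, payload), MACs as bytes."""
    ethertype, = struct.unpack("!H", frame[12:14])
    vlan, off = None, 14
    if ethertype == ETH_VLAN:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, off = tci & 0x0FFF, 18
    return frame[:6], frame[6:12], vlan, ethertype, frame[off:]

def lock_check(vif, frame):
    """'ok' if the frame comes from the locked MAC and an allowed IP, else the drop reason."""
    _, src, _, ethertype, payload = parse_frame(frame)
    if src != mac_bytes(vif.mac):
        return "drop: source MAC is not the locked MAC"
    if ethertype == ETH_ARP and len(payload) >= 28:     # sender MAC at 8..14, sender IP at 14..18
        if payload[8:14] != mac_bytes(vif.mac):
            return "drop: ARP sender MAC is not the locked MAC"
        ip = ipaddress.IPv4Address(payload[14:18])
    elif ethertype == ETH_IPV4 and len(payload) >= 20:  # IPv4 source address at 12..16
        ip = ipaddress.IPv4Address(payload[12:16])
    elif ethertype == ETH_IPV6 and len(payload) >= 40:  # IPv6 source address at 8..24
        ip = ipaddress.IPv6Address(payload[8:24])
    else:                       # model choice: drop whatever the lock cannot attribute
        return "drop: not ARP, IPv4 or IPv6"
    if ip not in [ipaddress.ip_address(a) for a in vif.allowed]:
        return f"drop: source {ip} is not on the allowed list"
    return "ok"

def ingress(vif, frame):
    """Frame sent by the VM: returns (verdict, frame as placed on the shared network)."""
    verdict = lock_check(vif, frame)
    if verdict != "ok":
        return verdict, None
    dst, src, vlan, ethertype, payload = parse_frame(frame)
    if vlan is not None:        # an access VIF never gets to pick its own VLAN
        return "drop: VM-supplied tag on access port", None
    return "ok", build_frame(dst, src, ethertype, payload, vlan=vif.vlan)

def egress(vif, tagged):
    """Tagged frame from the shared network: delivered, untagged, only inside the VIF's VLAN."""
    dst, src, vlan, ethertype, payload = parse_frame(tagged)
    if vlan != vif.vlan:
        return None             # another tenant's VLAN is never visible at this port
    return build_frame(dst, src, ethertype, payload)

# constructed sample data: two tenants' VIFs on the same host
TENANT_A = VIF(100, "02:00:00:00:00:0a", allowed=("10.0.0.10",))
TENANT_B = VIF(200, "02:00:00:00:00:0b", allowed=("10.0.0.20",))

def ipv4_frame(src_mac, dst_mac, src_ip, dst_ip, vlan=None):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,   # checksum left at 0
                      ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed)
    return build_frame(dst_mac, src_mac, ETH_IPV4, hdr, vlan)

def arp_reply(src_mac, claimed_ip, dst_mac, dst_ip):
    arp = struct.pack("!HHBBH6s4s6s4s", 1, ETH_IPV4, 6, 4, 2, mac_bytes(src_mac),
                      ipaddress.IPv4Address(claimed_ip).packed, mac_bytes(dst_mac),
                      ipaddress.IPv4Address(dst_ip).packed)
    return build_frame(dst_mac, src_mac, ETH_ARP, arp)

def demo():
    """Run the constructed frames through tenant A's port and collect the verdicts."""
    r, a, b, gw = {}, TENANT_A, TENANT_B, "02:00:00:00:00:01"   # gw: constructed gateway MAC
    r["legit"], tagged = ingress(a, ipv4_frame(a.mac, gw, "10.0.0.10", "10.0.0.1"))
    r["tagged_vlan"] = parse_frame(tagged)[2]
    r["ip_spoof"] = ingress(a, ipv4_frame(a.mac, gw, "10.0.0.20", "10.0.0.1"))[0]
    r["mac_spoof"] = ingress(a, ipv4_frame(b.mac, gw, "10.0.0.10", "10.0.0.1"))[0]
    r["arp_spoof"] = ingress(a, arp_reply(a.mac, "10.0.0.1", b.mac, "10.0.0.20"))[0]
    reply = ipv4_frame(gw, a.mac, "10.0.0.1", "10.0.0.10", vlan=100)    # arrives tagged
    r["seen_by_a"] = egress(a, reply) is not None and parse_frame(egress(a, reply))[2] is None
    r["seen_by_b"] = egress(b, reply) is not None
    return r
```

Calling demo() returns a dictionary of verdicts: the legitimate frame is accepted and leaves the port tagged with VLAN 100, the three spoofed frames (forged source IP, forged source MAC, ARP reply claiming the gateway's address) are dropped with a reason, and the gateway's reply is delivered untagged to tenant A's VIF but is never visible at tenant B's. The lock and the VLAN check are deliberately separate functions, mirroring the paper's split between the multi-tenancy extensions (section 3.2) and VLAN tagging (section 3.1).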

About Citrix

Citrix Systems, Inc. (NASDAQ:CTXS) transforms how businesses and IT work and people collaborate in the cloud era. With market-leading cloud, collaboration, networking and virtualization technologies, Citrix powers mobile workstyles and cloud services, making complex enterprise IT simpler and more accessible for 260,000 organizations. Citrix products touch 75 percent of Internet users each day and it partners with more than 10,000 companies in 100 countries. Annual revenue in 2011 was $2.21 billion. Learn more at www.citrix.com

The copyright in this report and all other works of authorship and all developments made, conceived, created, discovered, invented or reduced to practice in the performance of work during this engagement are and shall remain the sole and absolute property of Citrix, subject to a worldwide, non-exclusive license to you for your internal distribution and use as intended hereunder. No license to Citrix products is granted herein. Citrix products must be licensed separately. Citrix warrants that the services have been performed in a professional and workman-like manner using generally accepted industry standards and practices. Your exclusive remedy for breach of this warranty shall be timely re-performance of the work by Citrix such that the warranty is met. THE WARRANTY ABOVE IS EXCLUSIVE AND IS IN LIEU OF ALL OTHER WARRANTIES, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE WITH RESPECT TO THE SERVICES OR PRODUCTS PROVIDED UNDER THIS AGREEMENT, THE PERFORMANCE OF MATERIALS OR PROCESSES DEVELOPED OR PROVIDED UNDER THIS AGREEMENT, OR AS TO THE RESULTS WHICH MAY BE OBTAINED THEREFROM, AND ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR AGAINST INFRINGEMENT. Citrix liability to you with respect to any services rendered shall be limited to the amount actually paid by you. IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY HEREUNDER FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT OR PUNITIVE DAMAGES (INCLUDING BUT NOT LIMITED TO LOST PROFITS) REGARDLESS OF WHETHER SUCH LIABILITY IS BASED ON BREACH OF CONTRACT, TORT, OR STRICT LIABILITY. Disputes regarding this engagement shall be governed by the internal laws of the State of Florida.

851 West Cypress Creek Road, Fort Lauderdale, FL 33309, 954-267-3000, http://www.citrix.com

Copyright 2012 Citrix Systems, Inc. All rights reserved. Citrix, the Citrix logo, Citrix ICA, Citrix XenDesktop, and other Citrix product names are trademarks of Citrix Systems, Inc. All other product names, company names, marks, logos, and symbols are trademarks of their respective owners.