Every major software security breach is another reminder that security should be the highest priority for IT ecosystems, regardless of arrangement or design. An unsecured virtual environment opens an organization to swaths of potential attack points — whether it’s just a few VMs or a large-scale container deployment — so IT staff must keep certain things in check.
This virtualization security checklist includes 10 steps that you can take to help keep virtualization infrastructure secure.
1. Minimize the parent partition’s footprint
One of the most important actions to take to ensure the security of a virtualized environment is to minimize the parent partition’s footprint.
Hyper-V, for example, installs as a Windows Server role. Minimizing the footprint means that no other roles should be installed on that host server. Additionally, the host OS should run a server core configuration, and there should not be any additional software installed in the parent partition, aside from the drivers and agents required for backup, malware protection or similar security functions.
2. Use failover clustering
Failover clustering is typically regarded as a high availability feature that has little to do with security. Even so, there are security benefits to clustering your virtualized environment.
The main benefit is that failover clustering enables round-robin patching. This simplifies the patch management process and makes it less likely that admins will put off applying security patches. Round-robin patching enables you to live migrate VMs off the host that is being patched, which enables the host to reboot without disruption. Once that host has been patched, the VMs return to the host, and the patch process begins on the next host in the cluster.
3. Create dedicated network segments
Use dedicated physical network segments to handle certain infrastructure-related tasks, such as network data management and storage. Best practices vary from one hypervisor to another, but, as a general rule, use dedicated physical network segments to support management and storage traffic, as well as communication between hosts, such as migration traffic.
4. Use shielded VMs
A shielded VM is encrypted at the virtual hard-disk level to prevent tampering. More importantly, because of where the encryption keys are stored, a shielded VM can only be started on an authorized host. This prevents a rogue admin from copying a VM to browse its contents or run it on an unauthorized host.
5. Use role-based access control
Take advantage of RBAC, which limits the number of permissions any one IT admin is assigned. In larger organizations, most virtualization admins typically need to create and manage VMs and to perform related tasks. They do not need to perform low-level operations on the virtualization host. RBAC grants virtualization admins the permissions that they need to do their job without granting excessive permissions that could pose a security risk.
6. Vet virtual hard disks before production use
Many vendors offer certain types of products as virtual appliances, including vCenter Server and Amazon Elastic Compute Cloud. Virtual appliances typically consist of a virtual hard disk that has already been prepared for use. The admin needs only to associate it with a VM, start the VM and perform some basic configuration tasks.
Although virtual appliances are useful, they can also pose a security threat if you don’t know the hard disk’s complete configuration — and stored data. Vet all virtual hard disks in a lab environment before using them in production environments.
7. Use secure boot when possible
Whenever possible, enable secure boot for your VMs. Secure boot protects the integrity of the boot process and prevents malware from inserting itself into the boot sequence. Not every VM supports secure boot, but most do. In a Hyper-V environment, for example, Generation 2 VMs running Windows or Linux on a guest OS can use secure boot.
8. Use only supported OS versions
Once an OS reaches its end-of-life date, it no longer receives security patches. Out-of-date security measures make it susceptible to any vulnerabilities that are discovered later on. This guideline holds true for both the virtualization host and the guest OS.
9. Instate a system to deploy patches quickly
Ensure that your organization adopts a formalized patch management strategy. When new patches are released — either for the hypervisor or for the VMs themselves — those patches must be tested and applied as soon as possible.
The testing process is important because buggy patches are released occasionally, and such patches can cause problems.Simultaneously, patches address known security vulnerabilities; an unpatched system is more susceptible to attack. Organizations must strike a balance between dedicating enough time to test patches and installing them as quickly as possible.
10. Encrypt everything you can
Data must remain secure in all stages — in motion and at rest — but your IT team must encrypt storage devices to protect the VMs as well. Refer to the best practices for the specific hypervisor your organization uses, but you should encrypt management, storage and migration-related traffic. Likewise, encrypt the storage devices that contain the virtual hard-disk files.