Hypervisors: Virtual Top Security Agents Part 2
Jun 20th, 2009 by theartofservice
Hypervisors are small pieces of code that create an abstraction layer between hardware and the operating systems running on it. This layer is the basis for most virtualization efforts. The most common criticism of virtualization is security, and the hypervisor is the first agent responsible for providing it. Below are some notes on hypervisors and their security concerns:
Not every hypervisor is created equal. VMware is completely proprietary, meaning it is developed and tested in-house before being released for use. Xen relies on an open-source community to vet and test the product. Because of this open collaboration, the Xen product has fewer lines of code, which results in fewer potential problems in the code.
Hyperjacking is the worst problem with using hypervisors. The term refers to subverting the hypervisor in order to plant malicious software within the abstraction layer, which can potentially provide access to the entire virtual platform, a platform that may be shared by several customers in the form of guest OSs. The trick is to maintain hypervisor integrity while making each guest OS ‘think’ it is the only system with access to the physical layer. Most of this is done through a series of privilege checks, specifically on transactions between the abstraction layer and the physical layer. A widely adopted standard for building trust between the abstraction and physical layers is the TPM, or Trusted Platform Module.
The abstraction layer has most of the same security issues as a physical LAN or SAN, and more in some ways. Most threats come from internal traffic, because that traffic does not pass through the external firewalls where many of the security checks are performed as traffic enters the network. Fortunately, the risks are manageable with a little extra physical capacity, migration drills on virtual services, and disciplined patching and updating.
A virtual machine is still a machine. Though obvious, this fact is not as easy to put into practice. A few rules applied in this context can reduce the exposure to threats. Disable emulated devices that are unnecessary, including virtualized features and services on both the host and guest platforms; they can be made available when required and turned off again at disconnect. Know where critical components such as third-party device drivers reside: within the hypervisor, where performance increases but they are slightly more vulnerable, or at a higher layer. Adopt ‘least privilege’ rules for who has access to virtual network segments, thus reducing the attack surface exposed.
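The two rules above (disable unnecessary emulated devices, and restrict which network segments a guest may touch) are the kind of thing that can be checked mechanically against a guest definition. The following is an added example, not code from the original post: it audits a guest definition in libvirt's domain XML format (an assumption; the post names no particular management tool), using a constructed policy that lists device types a headless server guest rarely needs and an allow-list of permitted bridges. The sample domain XML is constructed for the example.

```python
"""Audit a libvirt domain definition against a minimal-device policy.

Added example for this post. Assumptions: the guest is described in
libvirt's domain XML schema, and the policy sets below are a constructed
illustration of "disable what you do not need" and "least privilege on
virtual network segments", not a vendor baseline.
"""
import xml.etree.ElementTree as ET

# Constructed policy: emulated device elements a headless server guest
# normally has no use for (sound card, USB redirection, smartcard, parallel).
UNNEEDED_DEVICE_TAGS = {"sound", "redirdev", "smartcard", "parallel"}

# Removable media on <disk device='...'> that should be detached when unused.
UNNEEDED_DISK_TYPES = {"cdrom", "floppy"}

# Constructed allow-list: the only bridge/network this guest may attach to.
ALLOWED_SEGMENTS = {"br-app"}

# Constructed sample guest definition (not a real deployment).
SAMPLE_DOMAIN_XML = """\
<domain type='kvm'>
  <name>web01</name>
  <devices>
    <disk type='file' device='disk'>
      <source file='/var/lib/libvirt/images/web01.qcow2'/>
      <target dev='vda' bus='virtio'/>
    </disk>
    <disk type='file' device='cdrom'>
      <target dev='hdc' bus='ide'/>
    </disk>
    <interface type='bridge'>
      <source bridge='br-app'/>
    </interface>
    <interface type='bridge'>
      <source bridge='br-mgmt'/>
    </interface>
    <sound model='ich6'/>
    <redirdev bus='usb' type='spicevmc'/>
    <graphics type='vnc' port='-1' listen='0.0.0.0'/>
  </devices>
</domain>
"""


def audit_domain(xml_text, allowed_segments=ALLOWED_SEGMENTS):
    """Return a list of human-readable findings; an empty list means clean."""
    root = ET.fromstring(xml_text)
    findings = []
    devices = root.find("devices")
    if devices is None:
        return findings

    for dev in devices:
        if dev.tag in UNNEEDED_DEVICE_TAGS:
            findings.append(f"unnecessary emulated device: <{dev.tag}>")
        elif dev.tag == "disk" and dev.get("device") in UNNEEDED_DISK_TYPES:
            findings.append(f"removable media attached: <disk device='{dev.get('device')}'>")
        elif dev.tag == "hostdev":
            # Passthrough hands the guest a piece of the physical layer directly.
            findings.append("host device passthrough present: <hostdev>")
        elif dev.tag == "interface":
            src = dev.find("source")
            segment = None
            if src is not None:
                segment = src.get("bridge") or src.get("network")
            if segment not in allowed_segments:
                findings.append(f"interface attached to non-allowed segment: {segment}")
        elif dev.tag == "graphics" and dev.get("listen") in ("0.0.0.0", "::"):
            # Console exposed on every host address instead of a management one.
            findings.append(f"graphics console listening on all interfaces: {dev.get('listen')}")
    return findings


def is_hardened(xml_text, allowed_segments=ALLOWED_SEGMENTS):
    """True when the definition produces no findings under the policy."""
    return not audit_domain(xml_text, allowed_segments)


if __name__ == "__main__":
    for line in audit_domain(SAMPLE_DOMAIN_XML):
        print("FINDING:", line)
    print("hardened:", is_hardened(SAMPLE_DOMAIN_XML))
```

Run against the sample guest, the audit reports the CD-ROM, the sound card, the USB redirection device, the interface on br-mgmt, and the VNC console bound to every address; the virtio disk and the br-app interface pass. On a real host the same function can be fed the output of the management tool's XML dump for each guest, and the allow-list becomes the per-segment policy the post recommends.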
Bottom line: a hypervisor is simply a tool for IT. Understanding what it can and cannot do will help you fulfil the security plan you should already have in place.