Virtualisation: Pitfalls in Corporate VMware Implementations presented at AUScert 2009

by Jason Edelstein,

Summary : By introducing a layer of abstraction between the physical hardware and virtualised systems running IT services, virtualisation technology provides a powerful means to deliver cost savings via server consolidation as well as increased operational efficiency and flexibility. However, the added functionality introduces a virtualisation layer that itself becomes a potential avenue of attack for the virtual services being hosted. Because a single host system can house multiple virtual machines, the security of that host and implemented network architecture becomes even more important.
In our experience this immature technology is often poorly understood, and rarely implemented correctly in enterprise environments without jeopardising the organisations security posture. This presentation will discuss these common pitfalls in VMware implementations (both technical and operational), and propose a set of viable security controls to mitigate the risk.