Document Controls
For Security & Risk Professionals
| Primary Analyst Photo | Document Information | Rate this Document |
|---|---|---|
 |
October 16, 2009 Fear Of A Hyperjacked PlanetHypervisor Security Flaws Get Press, But Operational Risks Matter Moreby Andrew Jaquith with Robert Whiteley, Alex Crumb, Margaret Ryan |
Average: 9
(2 ratings)
|
This is an excerpt
Executive Summary
Asked to do more with less, CIOs are using virtualization to pack more services into fewer physical boxes, reduce energy consumption, and provide greater flexibility. But security and risk professionals worry that in the headlong rush to embrace virtualization, their companies may have failed to secure their new virtual infrastructures. Chief among these concerns include hyperjacking and the risks of deploying virtual machines (VMs) in the demilitarized zone (DMZ). Forrester feels hyperjacking fears are overblown. The real risks are operational. Virtual infrastructures can be kept secure by: 1) segregating administrative, hypervisor, and live-migration traffic away from production traffic; 2) keeping VMs with different security classifications on separate physical hosts; and 3) enforcing zone boundaries with separate hardware.
TABLE OF CONTENTS
- 1. What are security and risk professionals' primary concerns about virtualization?
- 2. Are hypervisors secure?
- 3. What kinds of attacks against virtual servers are possible?
- 4. Are virtualized servers riskier than their physical counterparts?
- 5. How important are traditional network zoning concepts in virtualized networks?
- 6. What are prudent practices for deploying virtual servers?
This is an excerpt
Buy Risk-Free
Price: US $499
Our Service Guarantee: If you are not completely satisfied with this document, notify Forrester within 24 hours of purchase for a full refund.
Already a Forrester Client?
Log in to read this document.
