Challenges of Securing the Virtual Infrastructure

By Cameron Sturdevant  |  Posted 2008-09-16

Hezi Moore, founder and CTO of Reflex Security, discusses the challenges organizations face when building out their virtual environments in this eWEEK interview.

Virtualization has become almost a no-brainer for organizations looking to optimize resources. But as the number of virtual machines increases, so, too, do management and security concerns.

eWEEK Labs Technical Director Cameron Sturdevant recently spoke with Hezi Moore, the founder and chief technology officer of Reflex Security, about the challenges organizations face when building out their virtual environments.

Thinking about the data center, and especially data center security, what are the biggest differences between physical and virtual IT infrastructure?

One of the biggest differences is that the virtualized infrastructure is much more mobilized, more dynamic. Server mobility is a challenge, server sprawl. Another large issue is cross-functional management related to who manages what portion of the network.

If you look at the physical infrastructure, we had groups of IT that managed different portions of the infrastructure, from the networking guy to the security guy to the server guy and even the application guy. And then you had people who managed the data center on a day-by-day basis. To apply a change to the data center, even if it was just a cable change, you had to go to policies and processes that were documented, so IT had a handle on what happened and when it happened - who did it and why.

Today, in a virtual infrastructure, you can move a wire, you can move from one switch to another with just a mouse click, and those changes usually don't get documented. So, it's only [being done] by one guy, the one who manages the infrastructure, the networks, the virtual networks. This is really what we call cross-functional management across the entire infrastructure.

It seems to me that the hypervisor presents a new factor here. First of all, it's a new piece of software between the physical hardware itself and the operating system.

If you look at the hypervisor itself, it's really a very, very short piece of code that's developed and designed with security in mind. So, if you look at the attacks out there that are really trying to penetrate the hypervisor layer, none of them has been able to very successfully cause any damage. Most sneak into the hypervisor and run another machine without the user knowing. But none of these attacks is attacking the hypervisor itself.

So, definitely there is a new piece of code in the data center, the hypervisor, but it's a very secure piece of code, and the hackers are really focusing on ... the tools running on top of the hypervisor that will give them access.

Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at
