Challenges of Securing the Virtual Infrastructure
Hezi Moore, founder and CTO of Reflex Security, discusses the challenges organizations face when building out their virtual environments in this eWEEK interview.
Virtualization has become almost a no-brainer for organizations
looking to optimize resources. But as the number of virtual machines increases,
so, too, do management and security concerns.
eWEEK Labs Technical Director Cameron Sturdevant recently spoke
with Hezi Moore, the founder and chief technology officer of Reflex Security, about
the challenges organizations face when building out their virtual environments.
Thinking about the data
center, and especially data center security, what are the biggest differences
between physical and virtual IT infrastructure?
One of the biggest differences is that the virtualized
infrastructure is much more mobilized, more dynamic. Server mobility is a
challenge, server sprawl. Another large issue is cross-functional management
related to who manages what portion of the network.
If you look at the physical infrastructure, we had groups of IT
that managed different portions of the infrastructure, from the networking guy
to the security guy to the server guy and even the application guy. And then
you had people who managed the data center on a day-by-day basis. To apply a
change to the data center, even if it was just a cable change, you had to go to
policies and processes that were documented, so IT had a handle on what
happened and when it happened—who did it and why.
Today, in a virtual infrastructure, you can move a wire, you
can move from one switch to another with just a mouse click, and those changes
usually don’t get documented. So, it’s only [being done] by one guy, the one
who manages the infrastructure, the networks, the virtual networks. This is
really what we call cross-functional management across the entire
infrastructure.
It seems to me that the
hypervisor presents a new factor here. First of all, it’s a new piece of
software between the physical hardware itself and the operating system.
If you look at the hypervisor itself, it’s really a very, very
short piece of code that’s developed and designed with security in mind. So, if
you look at the attacks out there that are really trying to penetrate the
hypervisor layer, none of them has been able to very successfully cause any
damage. Most sneak into the hypervisor and run another machine without the user
knowing. But none of these attacks is attacking the hypervisor itself.
So, definitely there is a new piece of code in the data center,
the hypervisor, but it’s a very secure piece of code, and the hackers are really
focusing on … the tools running on top of the hypervisor that will give them
access.