download issue 27 here - Help Net Security
download issue 27 here - Help Net Security
download issue 27 here - Help Net Security
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
If youʼre part of the quintessential IT personnel most firms have, youʼve already<br />
had some exposure to virtualization technology. In all likelihood, portions<br />
of - if not your entire testing and development environment - run on a<br />
virtualization platform from VMware, Microsoft or Citrix.<br />
The savings in capital and operating expenses<br />
are so compelling that now youʼve been asked<br />
to expand virtualizationʼs use to the rest of<br />
your data center, demilitarized zone and disaster<br />
recovery site - basically, any other part<br />
of the physical network w<strong>here</strong> migration of<br />
physical servers to virtual machines (VMs) will<br />
trim down the costs to power, cool, house and<br />
administer them. In fact, the likelihood that<br />
you have already embarked on such an effort<br />
is pretty high.<br />
In a Gartner webinar, analyst Thomas Bittman<br />
said that “by 2013, the majority of workloads<br />
running on x86 architecture servers in enterprises<br />
will be running in virtual machines.”<br />
This statistic implies that virtualization is<br />
quickly subsuming critical workloads, with<br />
valuable, sensitive and compliance relevant<br />
data and applications making their way onto<br />
VMs. The challenge presented stems from the<br />
fact that virtualization combines workloads of<br />
different trust levels (i.e. HR file server, CRM<br />
database, email server, etc.,) onto one physical<br />
server, and how can an organization remain<br />
compliant with requirements for the segregation<br />
of duties, zones of trust and least<br />
privilege access?<br />
Furthermore, as virtualization adoption within<br />
organizations broadens to include dispersed<br />
data centers, so too does the use of live migration<br />
and automation - features which make<br />
it easy for VMs to be created and optimally<br />
operated but make it hard to continuously<br />
monitor and secure them.<br />
www.insecuremag.com 28