Virtualization Security Guidelines

Link: Virtualization Security Guidelines – blog.scottlowe.org

The Center for Internet Security (CIS)
has released some security benchmarks for VMware ESX Server 3.0.x. The
ESX security benchmark joins recommendations and guidelines for
Windows 2000, Windows XP, Windows Server 2003, Red Hat Linux, and
Mac OS X that are also available from the CIS. The CIS has also
published a generic virtual machine (VM) security benchmark as well.
Taken together, the ESX benchmark and the VM benchmark provide good,
solid recommendations around virtualization security.

The ESX/VM benchmarks are available for download here.

With all the hype around virtualization’s impact on
security—positive or negative—it’s good to see some concrete and
actionable recommendations. If nothing else, these documents will at
least provide a starting point for security professionals and
virtualization experts to discuss the best way to architect solutions
without compromising the security of the network/servers. In fact, we might even find ways to enhance the security of the network/servers.

Related Articles

4 VMware NSX Webcasts for the Curious Network and Security Professional

Getting Started with VMware NSX-T: A Knowledge-Packed Webcast

VMware Communities, The Heart of VMware Explore 2024