Keeping Your VMotion Traffic Secure

posted

From the VMware Security Blog: Keeping Your VMotion Traffic Secure. Recently a researcher published a proof-of-concept called Xensploit which allows an attacker to view or manipulate a VM undergoing live migration (i.e. VMware’s VMotion) from one server to another. This was shown to work with both VMware’s and Xen’s version of live migration. Although impressive, Read more...

The Why’s and How’s of ESX patching

posted

From the new VMware Security Blog, Nand Mulchandani responds to the article by Ron Oglesby and Dan Pianfetti at virtualization.info about the number of patches that VMware has released for VI3. Link: VMware Security Blog > ESX patching questions. Recently there was an article on “Patch Tuesday for VMware” over at Virtualization.info. It is an Read more...

Virtualization Security Guidelines

posted

Link: Virtualization Security Guidelines – blog.scottlowe.org The Center for Internet Security (CIS) has released some security benchmarks for VMware ESX Server 3.0.x.  The ESX security benchmark joins recommendations and guidelines for Windows 2000, Windows XP, Windows Server 2003, Red Hat Linux, and Mac OS X that are also available from the CIS.  The CIS has Read more...

Security Virtualization myths dispelled?

posted

Link: Security Virtualization myths dispelled? | Virtual Scoop. In an article titled VMware dispels virtualization myths, Bridget Botelho  wrote: "One significant issue with virtual machine security is with virtual switch isolation," said Burton Group’s Wolf."The current all-or-nothing approach to making a virtual switch ‘promiscuous’ in order to connect it to an IDS/IPS is not favorable Read more...