One of the selling points around virtualization is about its perceived added level of security. But virtualization, like any other piece of software can be implemented incorrectly, and itself have flaws.
Last year, NIST came out with SP 800-125, Guide to Security for Full Virtualization Technologies. The guide is intended for system administrators, security program managers, security engineers and anyone else involved in designing, deploying or maintaining full virtualization technologies.
NIST SP 800-125 recommends organizations do the following:
- secure all elements of a full virtualization solution and maintain their security
- restrict and protect administrator access to the virtualization solution
- ensure that the hypervisor, the central program that runs the virtual environment, is properly secured
- carefully plan the security for a full virtualization solution before installing, configuring and deploying it
All good items to do; but at 25 pages, SP 800-125 is clearly inadequate to cover all of the details around how to securely use virtualization. With that, Securing the Virtual Environment: How to Defend the Enterprise Against Attack, by Davi Ottenheimer and Matthew Wallace is a great new book that that provides a comprehensive overview on how to secure systems and defend against attacks on virtualized environments.
The book takes a very strong approach that in order to secure virtualization effectively, one needs to understand how adversaries will attack a virtualized environment. The authors provide numerous details on how to precisely do that.
The book is a highly technical guide meant for those designing, deploying and administering virtualized systems. At 400 pages, the books 10 chapters provide a wealth of information to secure virtualized systems.
Chapter 5 on Abusing the Hypervisor is perhaps the best chapter in the book and the most important topic regarding virtualization security. The hypervisor is the software, also called the virtual machine manager (VMM) that manages the entire virtualization environment. Malware will often attack the hypervisor in order to gain control.
The book also contains an appendix on how to build a virtual attack test lab. It details the components of the virtual penetration testing lab, including how to build the gateway, Xen hypervisor and KVM, and how to build the cloud stack.
The accompanying DVD contains code and scripts from the book and also contains a Ubuntu 6 virtual machine, pre-loaded with various network security tools.
Chapter 1 on virtualized environment attacks is freely available here. After reading that, most readers will likely want to read the entire book, and they should.
Anyone who is serious about virtualization security should certainly make sure that Securing the Virtual Environment: How to Defend the Enterprise Against Attack is on their reading list, and that of every security administrator in their company.