Home >> Integrating IT >> Project Management

Virtualization boosts security threat

By: Howard Solomon On: 31 Jan 2008 For: CIO Canada Creator

As IT managers increasingly turn to virtualization to reduce the number of servers they have to deal with, they may unknowingly also be increasing their security problems

As IT managers increasingly turn to virtualization to reduce the number of servers they have to deal with, they may unknowingly also be increasing their security problems.

That’s because in a one-application/one-server environment, each server had its own firewall for protection. When multiple applications are crowded into one server, however, the potential for trouble from new attacks increases, especially if two applications within the virtualized environment talk to each other.

Unfortunately there are few virtual network firewalls on the market today to deal with this, says Ottawa-based Gartner analyst Greg Young. Nor will there be many more on the market 12 months from now. “Users are going to be challenged to find solutions in 2008,” says Young, a research vice-president who specializes in network security. “The choices are limited today.”

The potential problem, although only emerging now as the pace of virtualization picks up, is “significant,” he said; big enough that recently Young and two colleagues issued a warning to clients.

Young said the problem came to light when Gartner discovered that some of its customers, who in the past had good separation of their application layers, are now breaking their security rules due to virtualization.

It may be that in a particular data centre when applications were separated they didn’t talk to each other, but that could change once they are squeezed into a single environment, Young argues. And because network traffic between virtual machines isn’t visible, managers may not know about the problem. Isolating virtual machines doesn’t solve everything, he added. If traffic within the VM isn’t being monitored, the internal VM network could break down as a result of a simple misconfiguration.

There are software-based network firewalls that can reside in a dedicated virtual machine, Gartner notes, but they’re only able to enforce security policies between IP addresses they are configured to see.

One alternative, Young says, is to run traffic out of the virtual machine, through a hardware firewall and then back into the VM. But this would obviously slow network performance.

The lack of host-based firewalls from major enterprise firewall manufacturers has meant that small startups have an opportunity to make some ground, said Gartner.

Sign up for our Newsletters

Tags: security, network firewalls, virtual machine, firewalls

Close X

Your Name:

Your E-mail:

Friend's Name:

Friend's E-mail:

Close X

| Views: 606 | Rating:

(0 votes)

Rate this article on a scale of
1 to 5 stars,5 being the best.

Close X

Page 1

Quick Access

Video Conferencing Cloud Computing Resource Centre CIO Canada's Brainstorm Centre CIO Canada Debate

Howard Solomon I'm assistant editor of ComputerWorld Canada covering network infrastructure, communications and government IT issues. An IT journalist since 1997, I've written ... more

Related Content

Vendors tackle virtualization security

What VMworld attendees can expect from next week's show.

VMware unveils security developer tool

McAfee VP says VMsafe makes it possible to develop security monitoring software that was not possible in the physical servers. But an Info-Tech analyst warns virtualization can make security more complicated

Lack of virtual firewalls is a hazard, says analyst

When multiple applications are crowded into one server, the potential for trouble from new attacks increases, according to an expert from research firm Gartner. Greg Young offers some alternatives

Untangle unveils open source firewall
untangle inc. is offering open source security software of the same name, which acts as a spam blocker, intrusion prevent system, virtual private network and firewall.untangle can be installed as a dedicated server performing routing and firewall functions, a transparent bridge or a re-router. it also includes add-ons to commercial software packages from other vendors, such as

blog comments powered by Disqus

Most Popular

Articles

Most Viewed
Most Emailed
Top Rated

Most Viewed
Most Emailed
Top Rated

Shaw wins Internet deal with city of WinnipegBy: Howard Solomon (16 May 2012)Shaw Communications has scored a big win in its campaign to extend its services to municipalities. The Calgary-based cableco won a bidding contest to ...
The cost of open data: A Canadian lawyer's analysisBy: Lou Milrad (14 May 2012)We’ve started hearing a lot over the last year or so about “open data”, particularly in the municipal sector. It’s all ab ...
Rogers offers lure to M2M developers By: Howard Solomon (11 May 2012)Network operators are always looking for ways to expand the way organizations can use their networks beyond voice and data centre traffic. To encour ...
Canadian employee survey indicates dark view of cloudBy: Shane Schick (16 May 2012)If Canadian enterprises are using cloud computing, their employees may be the last to know. A recent research bulletin from Toronto-based Pollara of ...
Researcher runs IP network over xylophonesBy: Joab Jackson (14 May 2012)NEW YORK -- Vint Cerf once wore a shirt that read "IP on Everything," a wry comment on the universatility of the Internet Protocol he helped invent, a ...

Cisco kills off Cius developmentBy: Paolo Del Nibletto (5/25/2012 11:56:00 AM)In a surprise move, Cisco Systems Inc. has confirmed it will no longer invest in developing the Cius tablet device running Android.The Cius tablet was ...
Microsoft's new server and tool upgrades and CIOsBy: Juan Carlos Perez and Chris Kanaracus (5/25/2012 10:21:00 AM)MIAMI -- CIOs and IT directors tracking the barrage of major upgrades for Windows and Office also need to stay tuned to the refresh cycle for Microsof ...
Microsoft clarifies tremendous Windows 8 claimsBy: Gregg Keizer (5/25/2012 9:21:00 AM)FRAMINGHAM, Mass. -- Reports earlier this week that Microsoft CEO Steve Ballmer predicted unprecedented sales of Windows 8 were wrong on multiple ...
How to make PHP apps scaleBy: Andrew Oliver (5/25/2012 9:14:00 AM)SAN FRANCISCO -- The power of PHP and an RDBMS is the ability to nail the major features of an application with cheaply paid developers in a reco ...
Funding rural broadband: Whatever it takesBy: Howard Solomon (5/25/2012 7:11:00 AM)For rural communities looking to get ultra-fast broadband speeds increasingly seen in cities, there’s only one obstacle: Money. Getting it is ...

VIDEO: Why IT pros need 'soft skills'By: Brian Bloom (23 May 2012)Unemployment in the high-tech sector is low. But are IT pros getting the jobs they want? Stafflink CEO Tim Collins explains why having impressive ...
Why integrate Wi-Fi radios into small cellular cellsBy: Ajay Kumar Gupta (15 May 2012)FRAMINGHAM, Mass -- (Gupta is team lead at Wesley Clover Communications Solutions, which develops solutions from Canadian companies -- including Mitel ...
CEOs demand CIOs prepare for growth and mobilityBy: Mark Chillingworth (15 May 2012)CEOs have shifted their position and are releasing funds to CIOs that have innovations for mobile users and revenue generation ideas, finds the CIO Su ...
EMC mega-launch targets hybrid cloud, big dataBy: Jeff Jedras (22 May 2012)LAS VEGAS – With nearly 15,000 attendees making this its biggest user conference, IT infrastructure vendor EMC Corp. has made its largest ...
Why Eugene Kaspersky has big problems with big dataBy: Jeff Jedras (22 May 2012)NASSAU, BAHAMAS – The big data drumbeat is becoming deafening in the technology sector as vendors and analysts rush aboard the latest trend. But ...

Related White Papers

Achieving The Enterprise Strategy Through Project Execution - A disconnect exists between those deploying projects and the executives whose strategies those projects support. CEOs need transparency to make strategic projects successful.

Jamming on social business - Insights on social business from a 72-hour online conversation between corporations, academic institutions, nonprofit organizations and government agencies from over 80 countries. Learn the insights that could serve as a blueprint for your organization.

Create a Smarter Storage Strategy - Create a Smarter Storage Strategy – Click here to download!

Unified Communications matters to enterprise success - Your mobile workforce, business processes and interactions across the wide world of social media demand a UC strategy. This isn’t a plug-and-play proposition, but rather a far-sighted enterprise vision that requires expertise that stretches wide and deep.

PRODUCT BRIEF: Taking an integrated approach to energy efficiency with IBM Tivoli software - This paper describes the critical importance of managing energy and provides an overview of the problems and issues associated with “greening” today’s enterprises. It then shares insights and solutions that organizations can use to optimize energy requirements while maintaining service levels. Specifically, it describes how IBM Tivoli® solutions offer an integrated approach for managing energy in the context of risk by providing an end-to-end view of IT resources, services, IT and facilities assets, energy costs and response time.

more: White Papers

CIO Canada	ComputerWorld Canada	Network World Canada	Computer Dealer News	Direction Informatique	IT Business.ca
Click Here to Subscribe Now!

IT World Canada Curated
	Job and Career Resources • Canadian IT Jobs • IT Sales Jobs • Salary Calculator • Tech Learning Space	Knowledge Services • CDN ProFIT - Turnkey Marketing solutions • Visability • Knowledge Store
Subscribe Now- Register

Log In

Virtualization boosts security threat

As IT managers increasingly turn to virtualization to reduce the number of servers they have to deal with, they may unknowingly also be increasing their security problems

Quick Access

Related Content

Related Videos

Most Popular

Related White Papers

Email
Password