Thursday, August 18, 2022

Security benchmark for virtualization

Virtualized IT environments, which have become indispensable to many companies as they consolidate servers, can now be checked against a vendor-neutral security configuration benchmark developed by the Centre for Internet Security, a nonprofit security organization.

CIS recently posted a 30-page document that can be used to configure any virtual machine installation. At press time, the group had imminent plans to add a similar benchmark specific to VMware’s ESX Server software.

CIS officials contend that independent configuration guidelines, developed on a consensus basis with input from parties that aren’t affiliated with the vendors of the technologies being addressed, are critical to securing IT systems.

“If everybody had listened to Microsoft and only Microsoft guidance for all these years for securing systems, we would be in a world of hurt,” said Dave Shackleford, a vice president at the CIS. The same point applies to any other software vendor, he added.

The new benchmark provides information on a broad range of topics, such as sharing files between a host and guest server, and the problems associated with synchronizing time between various virtual systems. 073049

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.