Virtualization – CompTIA Security+ SY0-401: 1.3

The virtualization of the data center is now a standard part of our networks. In this video, you’ll learn about the security concerns that involve virtualization technologies.

<< Previous Video: Network Access ControlNext: Cloud Computing >>

In our previous video, we talked about the configuration of how people might virtualize a firewall and the benefit there obviously is there’s a huge cost savings. If you don’t have to buy five firewalls, you could buy a single physical firewall and simply split it up into five virtual pieces. Might save a lot of money there. We’re seeing virtualization on file servers. We’re seeing virtualization on huge systems that are put in place. You buy one big monster server that now can hold 100 or more different servers inside of it; there’s some obvious cost savings there. There’s cost savings on the purchase of the hardware. There’s cost savings of the place you would put it into your data center, the cooling systems, the maintenance of the system, so there’s a lot of advantage there.

But obviously, there’s security issues when you think about these things as well. You now have one device with 100’s or more servers inside of it. How do you protect information that is transferred between those servers? You can’t touch them. You can’t plug into the network between them. They’re all self-contained in a single unit. You don’t you have that ability to touch a physical object anymore. So we’re having to change the way we think about security and virtualization. We have to think about how we would get virtual servers and virtual security devices into the virtual environment. Or we’re putting physical security devices outside of the environment and forcing those servers to communicate through our security components. There’s advantages and disadvantages to both ways.

So you really have to think about how you’re going to do this. How you’re going to implement it. It is an emerging technology and security to create virtual firewalls that work on some of these virtual servers. It’s something that, as we continue down the road of virtualization and this gets more and more mature, I think you’ll start to see more intelligent technology come out from a security perspective. In the meantime, you’ve got your logs. You know exactly who’s going where. You know what files are being accessed. You know what resources are being used. We talked in an earlier video about how important it is to have all of those great log consolidation tools available. So you can really look through all of those logs in one central place and see everything going on. So for virtualization, try addressing the security in many different places. You’re going to have to really work with this technology to figure out how you’re going to keep track and maintain control over all of those virtual resources.