Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Virtualization presentation

26 631 vues

Publié le

Publié dans : Technologie

Virtualization presentation

  1. 1. Virtualization -By Mangesh Gunjal
  2. 2. Topics to be Covered:VirtualizationVirtual Machine MonitorTypes of VirtualizationWhy Virtualization..?Virtualization Application AreasVirtualization RisksVirtualization SecurityVM SprawlMiscellaneous
  3. 3. Virtualization- Multiple Operating Systems on a Single Physical System- Share the Underlying Hardware Resources.- Multiple Execution Environments, - Hardware and Software Partitioning, - Time-Sharing, - Partial or Complete Machine Simulation/ Emulation- Separation of a Resource or Request for a service.
  4. 4. Source: Virtualization Overview whitepaper, By VMWare.
  5. 5. - Virtual Machine Monitor (VMM)- Emulation or simulation- Virtual Machines- Isolated Environment
  6. 6. Source: Virtualization Overview whitepaper, By VMWare.
  7. 7. Para Virtualization Source: Virtualization Overview whitepaper, By VMWare.
  8. 8. Why Virtualization..?Server Consolidation.Legacy Applications.Sandbox.Execution of Multiple Operating Systems.Simulation of Hardware and Networking Devices.Powerful Debugging and Performance MonitoringFault and Error ContainmentApplication and System MobilityShared Memory MultiprocessorsBusiness ContinuityVirtualization is FUN...and plenty other reasons.
  9. 9. Source: Virtualization Overview whitepaper, By VMWare.
  10. 10. Infrastructure is what connects resources to yourbusiness.Virtual Infrastructure is a dynamic mapping of yourresources to your business.Result: decreased costs and increased efficiencies :and responsiveness Source: Virtualization Overview whitepaper, By VMWare.
  11. 11. Virtualization Application AreasDesktop Virtualization Application Virtualization
  12. 12. Virtualization Application Areas Server Virtualization Storage VirtualizationInfrastructure Virtualization Network Virtualization
  13. 13. Virtualization Risks- Inexperience Involved.- Increased Channels for Attack.- Change Management Control.- IT Asset Tracking and Management.- Securing Dormant Virtual Machines.- Sharing Data between Virtual Machines.
  14. 14. Exploitation on Virtualization- Malicious Code Activities through Detection of VM.- Denial of Service on the Virtual Machine.- Virtual Machine Escape
  15. 15. Historical Incident- VMware Multiple Denial Of Service Vulnerabilities Some VMware products support storing configuration information in VMDB files. Under some circumstances, a malicious user could instruct the virtual machine process (VMX) to store malformed data, causing an error. This error could enable a successful Denial Denial-of-Service attack on guest operating systems.Link:http://www.Securiteam.com/cves/2007/CVE-2007-1877.htmlhttp://www.Securiteam.com/cves/2007/CVE
  16. 16. Virtualization SecurityHypervisor SecurityHost/Platform SecuritySecuring CommunicationsSecurity between GuestsSecurity between Hosts and GuestsVirtualized Infrastructure SecurityVirtual Machine Sprawl
  17. 17. Hardening Steps to Secure Virtualisation Environment - Server Service Console- Restriction to Internal Trusted Network- Block all the incoming and outgoing traffic except for necessary ports.- Monitor the integrity and modification of the configuration files- Limit ssh based client communication to a discrete group of ip addresses- Create separate partitions for /home, /tmp, and /var/log
  18. 18. Hardening Steps to Secure Virtualisation Environment - Virtual Network Layer- Network breach by user error or omission.- MAC Address spoofing (MAC address changes)- MAC Address spoofing (Forged transmissions)
  19. 19. Hardening Steps to Secure Virtualisation Environment - Virtual Machine- Apply standard infrastructure security measures into virtual infrastructure- Set the resource reservation and limits for each virtual machine
  20. 20. Virtual Machine SprawlUnchecked creation of new Virtual Machines (Vms)The VMs that are created for a short short-term project are stillusing CPU, RAM and network resources, and theyconsume storage even if they are powered off.VM sprawl could lead to a computing environmentrunning out of resources at a much quicker quicker-than-expected rate, and it could skew wider capacity capacity-planningexercises.
  21. 21. MiscellaneousKaspersky Lab has introduced Kaspersky Security forVirtualization, a virtual security appliance that integrates withVMware vShield Endpoint to provide agent less, anti malwaresecurity.VMware Source Code Leak Reveals Virtualization SecurityConcerns.Symantec has its own wide range of tools for VirtualizationSecurity: − Symantec Critical System Protection − Symantec DataLoss Prevention − Symantec Control Compliance Suite − Symantec Security Information Manager − Symantec Managed Security Services − Symantec Endpoint Solutions
  22. 22. References- VMware.com- Microsoft.com- SANS.org- Gartner.com- Trendmicro.com- Symantec.com
  23. 23. Thank You