11 Aug 8 slides ppt(Excluding titles and references)
Top Ten Recommendations for Securing Virtual Servers
Introduction
Security provision for the cloud environment is an issue that is very sensitive and needs laying of proper strategies including measures to counter actions that jeopardize the security of the cloud systems. In the recent past, many organizations and businesses have resorted to operating with the virtual servers. This is attributed to the advancement of technology and the advantages that the virtual server systems come with. However, there are times when the risk of using the virtual servers arise and this is particularly due to the insecurities in the cloud environment. For instance, there are cases of advanced persistent threat (ATP) attack and privileged user abuse (Owens, 2009). Therefore, it is to this concern that the need for having recommended security procedures to handle the insecurities in the virtual servers.
Recommendations For Securing Virtual Servers.
Virtual machine discovery and inventory.
One of the major steps of ensuring the security of these systems is ascertaining the location of these systems. In addition, the accuracy of maintaining the inventories can be determined. It is important to keep these inventories updated. Accurate inventories can be maintained by the use of a number of methods such as the in-built tools within the virtual platforms. One of these systems includes systems center, virtual machine manager.
Virtualization change and configuration management.
Configuration management is based on the two elements namely security hardening and patching. The security hardening perspective involves a number of guidance sources to help the systems. Furthermore, there are security administrators which lock down the virtual component. Change management, on the other hand, involves resilient operations for virtualizations. In this perspective, virtual machines are created and availed within short periods of times.
Security architecture for virtual networks.
For security purposes, there are a number of architecture options for security and teams of networks that one can consider to use for virtual servers. These include recognizing the difference between traditional physical switches and the virtual servers. For all the virtual servers, redundancy and security are always inbuilt on the network design. While operating the virtual servers, data with different sensitivity are kept in different physical hypervisor platforms to attain segregation.
Hypervisor security management.
The hypervisor’s function is to control data traffic. It is therefore important to maintain the security of this component including its components. During the virtualization management, the specific tasks and groups should be created to run various tasks. Doing this allows proper securing of the management platforms. In addition, the management applications that are used should be patched and locked to ensure the security of the entire system.
Tweaking security technologies for VMs
Upon switching to virtualization, other security process and technologies being used get affected. For instance, the antimalware agents have to be configured to allow the exclusion of certain files from the virtual disks. It is therefore important to ensure that the other security applications that are being used to detect intrusion are not affected. In case one the application being used do not an option for detecting intrusion and other related security measures, configuration for this should be done. quoting from Ptacek, 2019, “most security professionals feel that virtualized security tools should be used to augment existing security technology instead of replacing it, but these new tools will most certainly be more readily adopted over time.”
Don’t let the enterprise silo virtualization security.
Although the operating systems being used have the administrators taking care of the security, there is also the need for taking care of the VMware ESX clusters backup measures to diversify security for the systems. Plans should be placed to the stage, deploy and patch the virtual machines. Furthermore, there should be rules for access to the guest operating systems via the physical servers.
Segmentation of the physical VM servers.
It is important to carry out segmentation to allow different guests hosts to handle different data types. This is because the guest hosts are designed to handle different information and there are those that can carry protected information while others cannot. This also avoids risking information theft due to vulnerabilities. From a report, “Enterprises need to figure out what their security domains are, gaining a sense of what their most sensitive data is” (Ptacek, 2019).
Don’t ignore the risks of virtualization add-on services.
Organizations should not just let the virtual machines to handle all the security issues through the virtual security appliances. In connection to this, security backups which can be snapshotting and checkpointing should not be overlooked.
Virtualization security products should be considered carefully and critically.
Though virtual products do provide an opportunity to expand the network coverage, they may also be a source of risking the systems and therefore should be analyzed well before being used.
Don’t let the virtualization malware keep the systems at night.
At times the Trojan can exploit the hypervisor and hide in the operating system if it’s affected. At this state, they become undetectable and therefore continue invading the system. It is therefore prudent to use systems that look for specific malware within systems. Nate Lawson from Root Labs from their research says “the team’s key finding was that virtualization does a great job of hiding itself from applications that aren’t looking for it.” (Shackleford, 2019).
References
Owens, K. (2009). Securing virtual compute infrastructure in the cloud. Whitepaper. SavvisCorp.[Online]. Available: http://www. savvis. com/en-us/info% 5Fcenter/documents/hos-whitepaper-securingvirutalcomputeinfrastructureinthecloud. pdf.
Ptacek, T(2019). Virtualization server security best practices. Information Security. Retrieved on 25/7/2019 from
Shackleford, D.(2019). Virtualization 101: Best practices for securing virtual machines. Information Security. Retrieved on 25/7/2019 from
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.