Securing vms from other vms - vmware
Therhino
Member Posts: 122
Besides IPTables or VLAN splitting is there any products or ways to make it so if one vm would become infected or compromised it would not have the ability to affect others?
Comments
-
scott28tt
Member Posts: 686 ■■■■■□□□□□
I'm going to assume you're asking about vSphere here...
The obvious built-in solution is the kind of networking config you describe, but there are also some security products which might also be viable/suitable:
Virtualization Security & Vulnerability Monitoring
http://emea.trendmicro.com/imperia/md/content/emea/datasheets/virtualization/coreprotection_virtual_machines_datsheet_emea.pdf
Scott.VCP2 / VCP3 / VCP4 / VCP5 / VCAP4-DCA / VCI / vExpert 2010-2012
Blog - http://vmwaretraining.blogspot.com
Twitter - http://twitter.com/vmtraining
Email - vmtraining.blog@gmail.com -
azjag
Member Posts: 579 ■■■■■■■□□□
Besides IPTables or VLAN splitting is there any products or ways to make it so if one vm would become infected or compromised it would not have the ability to affect others?
New VMware vShield? Zones to Deliver Security and Compliance Across the DatacenterCurrently Studying:
VMware Certified Advanced Professional 5 – Data Center Administration (VCAP5-DCA) (Passed)
VMware Certified Advanced Professional 5 – Data Center Design (VCAP5-DCD) -
Chris:/*
Member Posts: 658 ■■■■■■■■□□
VMs do not bleed over data they are vulnerable just like a physical host so you have to enact controls just like physical boxes. This can be done with the vSwitches or Distributed vSwitches patch management and hardening.Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology -
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
Build-in only really has private VLANs which might help .. another solution would be using the Nexus switch as it supports ACLsMy own knowledge base made public: http://open902.com