Securing vms from other vms - vmware

Besides IPTables or VLAN splitting is there any products or ways to make it so if one vm would become infected or compromised it would not have the ability to affect others?

Find more posts tagged with

Comments

scott28tt

I'm going to assume you're asking about vSphere here...

The obvious built-in solution is the kind of networking config you describe, but there are also some security products which might also be viable/suitable:

Virtualization Security & Vulnerability Monitoring
http://emea.trendmicro.com/imperia/md/content/emea/datasheets/virtualization/coreprotection_virtual_machines_datsheet_emea.pdf

Scott.

azjag

Therhino wrote: »

Besides IPTables or VLAN splitting is there any products or ways to make it so if one vm would become infected or compromised it would not have the ability to affect others?

New VMware vShield? Zones to Deliver Security and Compliance Across the Datacenter

Chris:/*

VMs do not bleed over data they are vulnerable just like a physical host so you have to enact controls just like physical boxes. This can be done with the vSwitches or Distributed vSwitches patch management and hardening.

jibbajabba

Build-in only really has private VLANs which might help .. another solution would be using the Nexus switch as it supports ACLs