[brlug-general] Does VM technology improve or hurt security?
dpuryear at usa.net
Wed Apr 14 19:48:29 CDT 2004
I am very fond of Virtual Machine (VM) technology, e.g., VMware, and use it
extensively. Others may use other technologies, such as LPARs on IBM iSeries
I'm curious about your thoughts on how VM affects security.
I see two affects:
By using VM technology security and systems managers can better separate the
services they provide, reducing the ability of one compromised service to
affect another. If nothing else, this allows security to better enforce a
one-server/one-service policy that is too expensive otherwise.
An attacker could potentially break out of the VM and take over the entire
server. This would allow him to compromise all of the virtual servers.
Basically, using VM could mean putting all of your eggs in one basket.
Puryear Information Technology, LLC
Baton Rouge, LA
Author of "Best Practices for Managing Linux and UNIX Servers"
Download your free copy:
More information about the General