Chapter 6 – Virtualization Security

In March 2010, Gartner said that by 2012, 60% of virtualized servers will be less secure than the physical servers they replace.1 The core argument made by Neil MacDonald, vice president and Gartner fellow, was “Virtualization is not inherently insecure. However, most virtualized workloads are being deployed insecurely.” This statement pretty much summarizes what you must be concerned about when talking about virtualization security. While planning and deploying a virtual environment, make sure to bake in security from ground zero. You should never add security after deploying your virtual environment; chances are that you will leave holes that will be very hard to fix it after the environment is in production. As virtualization is highly utilized in cloud computing, it is also important to mention that trends for 20132 also reveals that private and hybrid cloud are top of mind for most companies. This means that virtualization security becomes even more important on a scenario that companies are trying to adapt to one of those cloud computing models. Before following any vendor's guidelines about virtualization platform security, make sure to have a good understanding of the main issues involving this subject, from a vendor-independent perspective. The National Institute of Standards and Technology (NIST) issued a security guide for virtualization3 that can (and should) be your main reference while studying this subject. This guide is vendor independent and can help you to identify the core areas that you should address security virtualization regardless of the platform that you have on your company. In this chapter, you will learn more about Windows Server 2012 Hyper-V Security Capabilities, what's new on this area, and how to leverage those features in order to enhance the virtualization security of your environment.