It is estimated that 25% of SMEs use virtualized environments and the forecast for the coming years looks very promising. There are several advantages deployments of application servers and much more won with virtualization, for example, lower operating costs, resources scalability, IT automation, faster. On the other hand, we tend to ignore or give too little importance challenges or risks introduced in virtualized environments. As the general benefits outweigh the challenges, the perceived risks are low! Is this the approach we take, must move forward towards safe and stable virtualized environments?
What are the new challenges introduced by virtualization? In contrast to the traditional environment, we can define hardly a control structure for a virtualized environment.With greater flexibility and rapid deployment of sprawl risk management and with the decentralised unrestricted access management, there is a risk of non-compliance or security violations - virtualized control management needs a new form! the challenge is create a structure that is dynamic, portable and accurate.
Implementing a control structure to an existing uncontrolled environment can be painful, as it may require changes to the configuration!With regard to the implementation of best practices and procedural controls of the tasks is less schmerzhaft.Daher, protection and control of the virtualized environment should take account of the technical aspects and human factors. The best approach would be to plan all controls before implementing the virtualized environment.
There are various areas should be considered when designing a virtualized environment. A concept that is often ignored by IT stuff to separate the network traffic management from the data services network by separate subnets. Another common trend is group virtual machines by performance level instead of trust/criticality level first. IT is the hypervisor (virtualized platform) in its patch management exercise including?There may be even tougher design decisions on Netzwerkebene.Als components in virtualized environments all virtual, such as, Vnics, virtual switches, etc. is attention required, to design the network layout. The environment can be a firewall or a DMZ within the hypervisor or enable require virtual MAC protection. Keep in mind that, certain vendor specific products enable NIC's in promiscuous mode and disable MAC protection!
If the company's backup strategy is based on images and snapshots, a recovery procedure for test shall apart from the well defined procedures and policies.In a Windows Active Directory environment the restore will cause an outdated or sync AD server problems!Images of virtual machines are copied to external devices and taken from the premises.There to monitor all the controls in place or detection mechanisms to such movements?
All, is the virtualized environment and executed, policies, procedures and guidelines have created werden.Dazu should segregation of duties, identity and access management, asset and log management include. because it is very difficult to track incidents, must access restrictions established protocols be. while restricting access to virtualized resources is important, make sure that logs are enabled and all components including the hypervisor minutes gesammelt.Erziehung stuff about policies and procedures is essential, however, such auditing procedures on a regular basis is important!
No comments:
Post a Comment