Security Risk and Virtualization as discussed before is multi factorial. Today we will go through the applications and operating systems part with some details. Those who are freshly reading this article can go through our previous article – Security Risks of Virtualization in Data Center which, as we mentioned on the very article; is a kind of checklist and index of each points. In the context of security risk and virtualiztion or simply in the virtualized environments, one must think before implementation. What to think that is what the article is about !
Security Risk and Virtualization : Old is Not Always Gold
If a company manages an old environment that is not good as per the current standards, the virtualized environment no better. This is true for UNIX setup as well as Microsoft software centric setup or in case of mixed up environments.
So, it is advisable to standardize the servers, right from the beginning in form of an operating system and to replace the applications that can hardly handle or may be patching is not possible through better maintainable. Routine tasks such as patching should be largely automated even in the old environment. After all, most of the attacks are still on individual applications and their vulnerability – whether a virtual environment or not.
Security Risk and Virtualization : Classify Applications According to the Security Requirements
Next, the existing applications should be classified according to their security needs. Many experts recommend applications that belong to the very different security classes – not to keep on the same host or server pool. But, that is not the unanimous opinion. Relocate any specialized procedures on a separate host before, greatly reduces the opportunities for consolidation. The process could be with the existing solutions today and rules that you then also have to comply with. With appropriate safety, it is quite possible to reach through the logical separation.