Virtualization of the data center, departmental servers, and the desktop is changing the IT landscape dramatically, introducing new benefits as well as new risks and opportunities. From a risk management standpoint, virtualization is far more than simply placing multiple running virtual machine (VM) operating system instances on a single piece of hardware. It is also more than a simple matter of determining the strength of the virtual machine separation.
Unpeeling the onion of virtualization reveals a complexity of considerations. Each physical server becomes a network onto itself, interoperating with networks on other virtualized servers. Network administration, once performed externally to individual operating systems on routers, switches, load balancing, and firewalls, is now performed in a microcosmic fashion within and between each virtualized server. Because virtual machines are mobile they can be combined dynamically or statically to increase performance. New rules and methods for integrating and separating data and processes are among the many other considerations that come into play.
Integralis’ Virtualization Security services take a holistic view of your risks and opportunities. We work with you, as part of an overall suite of assessment, to design and implement an architecture that balances the benefits against the operational complexities and security risks of virtualization, including:
- Reductions in power consumption
- Savings in real estate, capacity management costs and flexibility
- Configuration management opportunities
- Disaster recovery options
- Vulnerability management
- Intrusion identification and isolation
- Incident handling
- Secure system separation
- Performance management
- Configuration management
- Implications to polices, procedures, compliance, and other risk concerns.