http://gcn.com/articles/2014/10/21/nist-hypervisor-security.aspx
By GCN Staff
Oct 21, 2014
The National Institute of Standards and Technology released a draft of
SP-800-125 A, Security Recommendations for Hypervisor Deployment, for
public comment. Because of widespread growth in server virtualization for
hosting enterprise applications and providing cloud services,
recommendations for secure deployment of hypervisor platforms are needed,
the standards agency said.
Since the January 2011 publication of NIST’s SP 800-125, Guide to Security
for Full Virtualization Technologies, both the feature set of hypervisors
as well as tools for configuring the virtualized infrastructure spawned by
the hypervisor have seen considerable increase.
The NIST guidance examines the security implications of hypervisor
platform choices and provides security recommendations for deployments in
an enterprise.
Hypervisors provide abstraction of all physical resources (such as CPU,
memory, network and storage) and allow IT managers to run multiple virtual
machines (VMs) on a single physical host, also referred to as a
virtualized or hypervisor host. The hypervisor can also define a network
that enables communication among the VMs. Enterprise data centers use the
hypervisor for server virtualization because it makes better use of
hardware resources and reduces power consumption However, it is also
susceptible to threats from rogue VMs that can subvert the hypervisor’s
access control to hardware resources such as memory and storage.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
