Virtual Machine Security Considerations
Virtual machines are the containers in which applications and guest operating systems run. By design, all VMware virtual machines are isolated from one another. This isolation enables multiple virtual machines to run securely while sharing hardware resources (CPU, memory, I/O) and provides both their ability to access hardware and to maintain uninterrupted performance.
Even a user with system administrator privileges on a virtual machine’s guest operating system cannot breach this layer of isolation to access another virtual machine without privileges explicitly granted by the ESXi system administrator. As a result of virtual machine isolation, if a guest operating system running in a virtual machine fails, other virtual machines on the same host continue to run. The guest operating system failure has no effect on:
The ability of users to access the other virtual machines.
The ability of operational virtual machines to access the resources they need.
The performance of the other virtual machines.
Virtual machines are similar to physical machines in that they are vulnerable to attack primarily through their network interfaces. To secure virtual machines, software should also be installed to protect the virtual machines from network vulnerabilities. Consider the following:
Confirm that antivirus, antispyware, intrusion detection, and firewalls are enabled for every virtual machine in the virtual infrastructure.
Keep all security measures up to date, for example, applying all the latest security patches for a guest OS or application.
To keep the virtual machine software and applications up to date, use a patch management tool.
If the data center requires it, use smart card readers to access virtual machines with the vSphere Web Client remote console.
Use vCenter Server roles to limit access to the virtual machine console windows.
Create virtual machines from virtual machine templates that have been secured.
Virtual machines can be further protected by setting up resource reservations and limits on the host. For example, through the detailed resource controls available in ESXi, a virtual machine can be configured so that it always receives at least 10 percent of the host’s CPU resources.
Resource reservations and limits protect virtual machines from performance degradation that would result if another virtual machine consumed excessive shared hardware resources. For example, if one of the virtual machines on a host is incapacitated by a denial-of-service (DoS) attack, a resource limit on that machine prevents the attack from taking up so much of the hardware resources that the other virtual machines are also affected. Similarly, a resource reservation on each of the virtual machines provides that, in the event of high resource demands by the virtual machine targeted by the DoS attack, all the other virtual machines still have enough resources to operate.