Hypervisor as virtualization's enforcer?
Some experts advocate putting more security features into the hypervisor layer, but others say that would be a disaster waiting to happen.
Computerworld - Citing performance and security benefits, virtualization vendors are shoving more add-on software into the hypervisor layer. VMware Inc., Citrix Systems Inc. and Microsoft Corp. all allow for third-party software execution at this layer of their virtualization technologies, says Neil MacDonald, an analyst at Gartner Inc.
[See related story, The scary side of virtualization.]
Is that a good thing? Yes -- and no -- say users and experts.
Early virtual machine management software resided on top of a host operating system. That went away with the development of the hypervisor -- a thin layer of software that runs directly on the hardware. A hypervisor has two advantages: It's not affected by vulnerabilities in an underlying operating system that hosts it, and it's small -- less than 100MB for VMware ESXi -- and therefore provides a very small target for attacks. "When you have that small of a footprint, the opportunities for exploits and errors go down dramatically," says KC Condit, senior director of information security at Rent-a-Center Inc.
But that's changing. Companies like Trend Micro Inc. are beginning to offer software designed to be inserted at this layer. Doing so can improve security and give a performance boost. "The simplicity of deploying security in an agentless manner is very appealing and easier to manage," says Bill McGee, senior director of data center security product development at Trend Micro. But as more third-party software vendors insert code into the hypervisor layer, for security and other functions, the layer could get more crowded, with more updates required and a bigger attack surface.
Eric Baize, senior director for the RSA Security Practice at RSA, the security division of EMC Corp., says pushing security down to the virtualization layer is ultimately a good thing. "The more it's built in, the easier it is to deploy and manage," he contends. Eventually, he predicts, security will be rolled into the core virtual infrastructure and third-party add-ons will no longer be needed.
But others worry that the current trend may set the stage for a new set of risks.
Kris Lovejoy, vice president at IBM Security Solutions, IBM's security consultancy, doesn't think additional complexity in the hypervisor is necessarily a good idea. Most IT organizations already struggle with patch management, configuration management and change management at the operating system level. The problem could be "way worse" at the hypervisor layer, she says.
Venu Aravamudan, senior director of product marketing for VMware's server business unit, says third-party vendors that plan to include software in VMware's hypervisor layer through its VMsafe program must meet a "rigorous" certification process. So far, certified products include antivirus, intrusion-prevention, anti-rootkit, firewall and network-monitoring tools. "The third-party solutions will add up over time, but customers can be assured that it will be a controlled program," he says.
But analysts remain wary about creating opportunities for vulnerabilities in the hypervisor layer. "My gut says that unless you're really diligent in managing all of that stuff, it's going to create a [security] hole. I'm bearish on the concept," says John Kindervag, an analyst at Forrester Research Inc.
Aravamudan points out that only a part of the code goes into the hypervisor. "In general, this footprint is not large," he says. The rest sits in a secure virtual machine and uses a "minimal" amount of kernel capability. "We clearly will ensure that the hypervisor doesn't double in size because you're adding all of those components," he says.
Nonetheless, MacDonald says he's still wary of advising Gartner's clients to add a lot of third-party code into the hypervisor layer. "The best advice is to keep it thin and hardened from a security perspective," he says. "Putting additional code into the hypervisor increases the attack surface."
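Whether a host has stayed "thin" is something an administrator can measure rather than assume, by inventorying the third-party packages actually installed into the hypervisor. The following is an added example, not code from the article or from VMware, Gartner or any vendor quoted in it. It assumes an ESXi 5.0-or-later host, where `esxcli software vib list` prints one installed package (VIB) per line in the columns Name, Version, Vendor, Acceptance Level and Install Date; the script flags every VIB not shipped by VMware and anything at the CommunitySupported acceptance level, which has not been through VMware's or a partner's certification. The package names, vendors and dates in `sample_vib_list` are constructed sample data, and the limit on third-party packages passed to `audit_inventory` is an arbitrary policy value.

```shell
#!/bin/sh
# Added example (not from the article, VMware or Gartner): audit how much
# third-party code is installed into an ESXi hypervisor.
#
# Assumption: ESXi 5.0 or later, where `esxcli software vib list` prints
#   Name  Version  Vendor  Acceptance Level  Install Date
# one VIB per line. On a real host replace sample_vib_list with
#   esxcli software vib list
# Everything below is CONSTRUCTED sample data in that layout.

sample_vib_list() {
cat <<'EOF'
Name               Version                       Vendor     Acceptance Level    Install Date
-----------------  ----------------------------  ---------  ------------------  ------------
esx-base           5.0.0-0.0.469512              VMware     VMwareCertified     2011-09-15
net-e1000          8.0.3.1-2vmw.500.0.0.469512   VMware     VMwareCertified     2011-09-15
partner-dvfilter   1.0.0-1                       PartnerA   PartnerSupported    2011-10-02
agentless-av       2.3.1-9                       PartnerB   PartnerSupported    2011-10-02
lab-monitor        0.9-beta                      Community  CommunitySupported  2011-11-20
EOF
}

# Every VIB whose vendor is not VMware, read from stdin: this is the
# third-party code the article debates. Skips the two header lines.
# Output: "name vendor acceptance-level".
third_party_vibs() {
    awk 'NR > 2 && NF >= 4 && $3 != "VMware" { print $1, $3, $4 }'
}

# VIBs below PartnerSupported. CommunitySupported packages have not been
# certified by VMware or a partner and do not belong on a production host.
community_vibs() {
    awk 'NR > 2 && NF >= 4 && $4 == "CommunitySupported" { print $1 }'
}

# Number of third-party VIBs in an inventory read from stdin (0 if none).
third_party_count() {
    third_party_vibs | awk 'END { print NR }'
}

# Verdict for one host: returns 0 only if no CommunitySupported VIB is
# present and the third-party count is within the limit given as $1.
audit_inventory() {
    limit="$1"
    inv="$(cat)"
    n="$(printf '%s\n' "$inv" | third_party_count)"
    c="$(printf '%s\n' "$inv" | community_vibs | awk 'END { print NR }')"
    if [ "$c" -gt 0 ]; then
        echo "FAIL: $c CommunitySupported VIB(s) installed:" >&2
        printf '%s\n' "$inv" | community_vibs >&2
        return 1
    fi
    if [ "$n" -gt "$limit" ]; then
        echo "FAIL: $n third-party VIB(s) exceed limit of $limit" >&2
        return 1
    fi
    echo "OK: $n third-party VIB(s), none below PartnerSupported"
    return 0
}

# Stand-alone run against the constructed sample (which deliberately fails).
sample_vib_list | third_party_vibs
sample_vib_list | audit_inventory 2 || echo "host needs review"
```

The acceptance levels (VMwareCertified, VMwareAccepted, PartnerSupported, CommunitySupported) are VMware's own ordering, and `esxcli software acceptance get` shows the minimum level a host will install; a host set to CommunitySupported will accept packages nobody has certified. Running this across a fleet turns MacDonald's "keep it thin" into a number that can be tracked from one patch cycle to the next.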
Robert L. Mitchell writes technology-focused features for Computerworld. You can follow Rob on Twitter at twitter.com/rmitch or subscribe to his RSS feed. His e-mail address is email@example.com.