1 / 20

Virtual Machines = Real Security

Ernest Staats erstaats@gcasda.org MS Information Assurance, CISSP, MCSE, CNA, CWNA, CCNA, Security+, I-Net+, Network+, Server+, A+ Resources available @ http://www.es-es.net. Virtual Machines = Real Security. Outline. Virtual Machines What is VM software Three types of VM

mahlah
Download Presentation

Virtual Machines = Real Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ernest Staats erstaats@gcasda.org MS Information Assurance, CISSP, MCSE, CNA, CWNA, CCNA, Security+, I-Net+, Network+, Server+, A+ Resources available @ http://www.es-es.net Virtual Machines = Real Security

  2. Outline Virtual Machines What is VM software Three types of VM Advantages of Virtual Machines Disadvantages of VM Technology Well known supported VM software Using VM technology for securing your network Tools to help you use VM software better Top VM Software tools Notice Suggested Resources

  3. What is VM Software? Running multiple independent virtual operating systems on a single physical computer. It is a way of maximizing physical resources to maximize the investment in hardware. It is now feasible to turn a very inexpensive 1U dual-socket dual-core commodity server into eight or even 16 virtual servers that run 16 virtual operating systems. An abstraction layer that separates the physical hardware from the operating system Makes DR and testing DR truly an option without impacting daily life for most users Turns a physical machine in to a file that can be moved from one system to another.

  4. Three Types of VM Hardware Virtualization: Most known technology VMWare Parallels Microsoft Basically virtualizes hardware resources so all VMs “think” they have exclusive access to the hardware resources PARA- Virtualization: Can also support multiple OS's, Linux and some Windows versions with the right CPU chips Xen has more efficient processing and lower overhead which translates into better performance.

  5. Three Types of VM Cont. • OS Virtualization: • Is a different approach • Sun’s Solaris Containers • SWsoft’s Virtuozzo • Open Source OpenVZ. • It uses a single OS and can not support multiple types of OS's on the same server. Although you can have multiple OS's as long as they are the same as the host machine. • When you patch the host OS you also patch all the VM’s at the same time.

  6. Advantages of Virtual Machines Quicker live backup and deployment Faster recovery from bad patches or updates Faster recovery after an attack Better use of Hardware resources Can Reduce support cost.. Automatic Provisioning during system failure (Cassatt and others) Power savings Test your server configuration backup before they are needed Lab environment to test upgrades, new versions, new configurations Fix issues without worrying about crashing a production server Rapid Deployment Great for Security auditing and penetration testing Environment Test ISO images before you waste CD/DVD to make sure they work UBCD4WIN, BackTrack Monitoring your network

  7. Disadvantages of VM Technology: Several Management Tools still lack ability to fully understand virtual machines Rapid Deployment Latency of Virtual Disk VM ware 13% IEEE 2003 study MS Server 28% CapitalHead.com (OS VM technology will not have these issues as bad and SAN’s or I-SCSI can also reduce or eliminate this bottle neck) Dealing with sever sprawl Managing, Patching, and Securing, so many systems can become challenging Dealing with Backups of VM and their data sets Monitoring VM Specific Security issues (Blue Pill)

  8. Well Known & Supported VM Software: Server Virtual Machines: VM Ware Server – runs on top of windows or Linux -- Free GSX server runs on top of Windows or Linux replaced by VM Server ESX server starting at 1000 & UP installed on Bare metal boxes No OS Microsoft - Virtual Server - Free Xen Xen - Open Source Options- Free for Linux distributions only Xen Enterprise As low as 488 a year and UP annual and perpetual subscriptions SWsoft Virtuozzo-Windows & Linux starting at $1200 OpenVZ – Free but Linux only

  9. Well Known & Supported VM Software Cont: PC Based options include: VM Ware workstation Microsoft Virtual PC Parallels Workstation for Windows and Linux Parallels Desktop for Macintosh

  10. Using VM Technology to Secure the Network DR with VM: Take server reload time from hours/days to minutes or at most couple of hours Auto provision servers when one fails a new one can automatically be started up, have the VM loaded, and production resumes in minutes when hardware fails. Software testing and deployment of new applications: Quickly setup a test lab environment Train users without disrupting production systems Load code on systems that mimic true production environment to user interoperability. Test patches without interruption of production systems Penetration Testing VM workstation - Penetration testing, system auditing, and file recovery with UBCD4Win and Remote exploit

  11. Network Auditing & Pen Test: Using VM to load security tools Using VM to load hacking tools that might disrupt your system Browse hacking/security sites without compromising a network PC Truly anonymous surfing test security software on a sacrificial VM file Use a VM machine that runs as a server in the background to constantly audit your system.

  12. Managing Network Resources Management and Policy Control Software: SWsoft’s Ability to manage several servers from one interface and to have one host system which when patched means all other systems on that host OS is also patched Automatically bringing more severs online when loads reach a set threshold Lessen the exposure factor if your organization only has a few key servers by being able to bring a VM of them up if they should fail your network is not taken offline for prolonged periods of time Cassatt Virtual Iron Load balancing and Auto provisioning DR Xen Enterprise has some tools VMware also has some tools MS Windows Server 2003 Automated Deployment

  13. Helpful VM Tools: P2V Physical to Virtual PlateSpin VMware Leostream HelperApps Xen Enterpise MS Virtual Server Migration Toolkit - MS Virtual Server P2V Migration Toolkit (free-- great way to backup servers) Ultimate-P2V Article on how to cheaply move from P2V http://www.rtfm-ed.co.uk/?page_id=174 V2P Virtual to Physical great for deploying a standard image across different hardware PlateSpin VMware Plate Spin Recon to determine current server utilization and automatic load balancing or provisioning

  14. Helpful VM Tools Cont: Management and control software: Cassatt Virtual Iron Load balancing and Auto provisioning DR Policy Based VM software Backup software Never Fail http://www.neverfailgroup.com ESX Ranger http://www.visioncore.com Install backup agent on VM ware Use MS windows backup inside of VM environment Use VM wares pearl scripts to backup VM images live Parallels Compressor Server: Speed up VM Machines by compressing them http://www.parallels.com/en/products/compressor/server/

  15. MS Virtual Server Tools Virtual Server 2005 Migration Toolkit http://www.microsoft.com/windowsserversystem/virtualserver/evaluation/vsmt.mspx Windows Server 2003 Automated Deployment Services http://www.microsoft.com/windowsserver2003/technologies/management/ads/default.mspx Microsoft Virtual Server 2005 Management Pack http://www.microsoft.com/downloads/details.aspx?familyid=BF21F798-9B10-40DC-BCDD-4A8358CCE94D&displaylang=en Virtual PC vs. Virtual Server: Comparison of Features and Uses http://www.microsoft.com/downloads/details.aspx?FamilyID=8ed0a6cb-0f24-408e-af8f-51edf508d361&DisplayLang=en

  16. Avoid “All Your Eggs in One Basket" Common Server Types: HTTP FTP DNS DHCP RADIUS LDAP File Services using Fiber Channel or iSCSI storage Active Directory services Have spare bare metal ready to go or better yet do load balancing to increase response time and have a failover backup in place

  17. Comprehensive Technology Partner Ecosystem Applications Management Operating System CPU I/O Subsystem Networking Storage Citrix, ORACLE, Business Objects, IBM, bea, SAP IBM, BMC Software, Altiris, HP, CA, Symantec, OPSWARE Inc. Redhat, SUSE, Microsoft, Sun, Novell Intel, AMD QLogic, Emulex, intel, broadcam Cisco Systems, Check Point EMC2, IBM, HP, Net APP

  18. Disclaimer This presentation only covered the more common VM options there are many more options including Virtual appliances which would be a totally different presentation. VMware, for example, in June introduced VMware Infrastructure 3, which heightens the focus on management and high availability to enable customers to group virtual resources into a pool that can be allocated according to application demands

  19. Suggested Resources: Step by Step Power Points for deploying VM Put together by one of my Helpdesk Crew At GCA he is a Junior at GCA Step-by-Step Creating a VM Server Virtual server http://www.es-es.net/ Step-by-Step Creating a Microsoft Virtual Server http://www.es-es.net/ Step-by-Step Creating a Open Source Xen Virtual Server http://www.es-es.net/ Overview Video for Xen Enterprise http://www.xensource.com/download/# The two best General articles I have read about installing VM technology Installing Virtual Server 2005 -- Microsoft Virtual Server from the ground up http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1219809,00.html?bucket=ETA&topic=303910 How VMware Server works -- Getting started with VMware on Windows http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1226945,00.html Cassatt Whitepaper Iron Geek. Com great step by Step videos for security/Hacking Demos he demonstrates how to leverage VM technology for penetration testing and network auditing.

  20. More Reading Links SWSOFT Virtuozzo Top Ten Considerations For Choosing a Server Virtualization Technology http://searchservervirtualization.bitpipe.com/detail/RES/1126614813_718.html?asrc=SS_BSS_HOME Virtuozzo-Wikipedia.org http://en.wikipedia.org/wiki/Virtuozzo Virtuozzo commands virtual server stage http://www.infoworld.com/article/06/04/21/77439_17TCvirtu_1.html Virtuozzo White Papers http://www.swsoft.com/en/products/virtuozzo/lib/request/wp/ http://www.swsoft.com/r/pdfs/Datasheets/vz_enterprise.pdf The Hidden Costs of Virtualization http://searchwinit.techtarget.com/columnItem/0,294698,sid1_gci1219939,00.html http://searchservervirtualization.techtarget.com/columnItem/0,294698,sid94_gci1217705,00.html Ultimate-P2V Article on how to cheaply move from P2V http://www.rtfm-ed.co.uk/?page_id=174

More Related