VMUnify – Enabling VM Security
Today, many organizations face new security concerns because they are increasingly putting their most critical applications on Virtual Machines (VMs). One must be aware of this in order to protect against loss of sensitive data.
The VMUnify advantage:
Secure Multi-tenancy – One of the major security concerns today is the lack of isolation between tenants spread across heterogeneous hypervisors in public, private or hybrid cloud environments. Any unauthorized access or migrations between tenants in a multi-tenant data center can weaken the isolation boundaries.
VMUnify ensures complete isolation between any two tenants at all levels – Computing, Networking and Storage in a multi-tenant cloud environment.
Illegal copy or snapshot of VM – A virtual machine is encapsulated into one or more virtual disk files that reside on a virtual host server. Because of this, it is not very difficult for someone with the appropriate access to make a copy of these disk files and access any of the data on them.
Once copied, the data can be accessed either by launching the VM using freely available virtual machine software, or by parsing or mounting the virtual disk file using freely available mount utilities or SDKs.
VMUnify associates each VM and its resources with the tenant it belongs to, and disables launching of the VM or access to its data outside the tenant boundary.
Bringing Rogue VMs into the Organization – An external spurious virtual machine infected with viruses or spyware may be brought in, migrated or copied into an organizational environment and made functional. This poses a major threat to the organization’s network and data security.
VMUnify automatically discovers any Rogue VMs entering the trusted environment and prevents them from booting up in that environment.
VM Sprawl – Creating a new virtualized server or desktop is so quick and easy that the number of virtual machines (VMs) running in a virtualized infrastructure increases and many VMs are left unattended over a period of time. This can consume valuable storage space and cause Denial of Service (DoS) during genuine VM provisioning requests or any P2V server migrations. It also raises a big security concern when these unattended VMs are loaded or powered on after a long time.
VMUnify controls VM Sprawl by attaching an expiry to each VM on its creation and alerting the administrator when safe utilization levels are crossed within a private cloud environment.
I have shared my thoughts on how VMUnify enables VM security. More inputs on this are welcome.