Time
5 hours 31 minutes
Difficulty
Advanced
CEU/CPE
6

Video Description

This lesson covers virtualization concerns and discusses the following:
• Inter-VM attacks
• Performance
• VM Sprawl
• Instant-On Gaps
• VM Theft or Modification
• Data Commingling

Video Transcription

00:04
So we've talked about securing the hypervisor and the host and guest operating systems. Let's just take a look at a couple of threats that are specific to virtualization environments. Inter-VM attacks. So ultimately, the VM really should be a point of isolation. But when you have these
00:24
virtual machines networked through a single host and all these different VMs residing in a single machine,
00:31
you know, one of the things that we want to make sure is that we're monitoring any traffic that is traversing the virtual network or the host operating system as a whole. So ultimately, from VM to VM, the idea is, so just reading this first bullet point, traffic between the VMs
00:51
traverses the virtual network,
00:54
right? So it's invisible to the physical security elements, and it's sometimes referred to as the blind spot. And the idea is that all of the stuff that's happening in the virtualized environment really isn't being captured necessarily by the host environment. We've got the virtual environment and
01:11
the physical environment.
01:15
So when we're monitoring traffic on our physical NIC,
01:19
you know, it's part of,
01:23
that is part of our proactive strategies. We've got to think about all the things that are happening in the virtualized environment that are invisible to some of the monitoring tools that we have. Okay, that's called the blind spot. So most of the tools that we have that are monitoring the host OS may not be tracking what's going on from VM to VM
01:42
or internal to the VM. So we need additional monitoring tools.
01:47
We have to think about performance because, again, we have all of these virtual machines running, and that's really more of an operational issue. But, you know, we have service level agreements that have to be met. We have a certain amount of performance objectives that we have to hit. So
02:06
the more tools you install, the more monitoring you do, the more virtual machines on a host, obviously we're going to find a decrease in performance. And then VM sprawl.
02:19
You know, how many VMs can you put on a machine? You can put a lot of VMs on a machine, but more is not always better. You know, again, we have to look at performance issues. But then the more VMs we have, the more possibility for misconfigurations, the more difficulties we have with
02:38
people kind of taking shortcuts because there's so many things to manage.
02:42
Let's just let default passwords go, let's do these things. So if we do have just an extraordinary number of VMs, again, we look to the industry and we look at what tools are available, and we have to trust in proper governance within our organization to have proper policies, procedures and standards in place.
03:01
So this is really what we expect our cloud service providers to be aware of.
03:06
But our due diligence essentially says, show me. Show me what your governance is. Show me what your automation is. Show me how you monitor. Show me the mechanisms that you use. Instant-on gaps. You know,
03:23
there is a security model on which many systems were built and designed, and it's called the state machine model.
03:29
And basically, the state machine model says that if a system starts securely,
03:36
if a system runs securely and if it shuts down securely, then it is secure.
03:44
I know that doesn't sound like that fascinating a theory, and it sounds like pretty much a given, but here's why that's significant. What the model really says is, unless you can guarantee security in all three states, you do not have a secure system.
04:00
Okay, So I don't care how secure your operating system is.
04:04
If I can compromise the system at startup, and maybe compromise your BIOS and have it pull from another OS, or embed something into the OS kernel, or do something like that prior to the operating system even being loaded, none of that stuff matters. Okay, well, that's where we get a problem with
04:24
instant-on gaps, is what they refer to. So ultimately, there is a period of time from when the virtual machine is powered on
04:31
to when the security rules are updated.
04:34
So ultimately, if we have patches that need to be applied, you know, security-related patches specifically, we need to make sure that before we bring this server onto the virtual network, it's patched
04:49
before it's fully started and has the potential to be compromised. Basically, it really is kind of just an issue where
04:58
we want to make sure that a VM with an outdated security policy doesn't come on and load before the updated policies can be applied. Now, if you're familiar with NAC, which is network access control, this is a mechanism that only allows the system to join the domain or an environment based on the system's health,
05:17
and the health is specified based on a series of rules and criteria that an administrator would set up. So that might be one way to deal with these instant-on gaps,
05:27
is that the VM can't join the domain or the network until updates are applied and until the system's security scan has been run. All right, VM theft or modification. You know, modification, physical theft,
05:43
improper access, deletion of files, altering the files,
05:46
you know, we're just storing this material on a system, and the same threats that we have with our data in house can exist with our data that we've outsourced to the cloud. So we have to have tools in place to make sure that there's no data leak, that there's no modification, you know, integrity checking,
06:05
access control
06:09
policies, monitoring, VM encryption. You know, all those are tools that we use. It's just the same ideas. Now, data commingling is probably the greatest concern, especially for dealing with classified data. It is storing
06:26
different levels of classifications on systems that hold lower levels of classifications.
06:31
So the idea is we really need to make sure that we have true isolation and that the security requirements for the higher classification of data,
06:42
ideally,
06:44
we would apply the security classification for the highest level of data to the entire system. Now, again, that's not always possible when we outsource it to the cloud, which may be very much why we would use a private cloud in an environment like that.

Instructed By

Kelly Handerhan
Senior Instructor