[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Security audits and compliances
Hey guys, I was just looking into some standards concerning the certification of critical computer systems in general when I thought about how this relates to virtualization. Is there anyone out there who has experiences with security audits for Xen like PCI-DSS? Or to put it as a general question: does virtualization matter? I think its a pretty interesting question - how is the isolation between virtual machines accepted with regards to security compliances? Lets have an additional example to discuss: There are two networks that are generally not allowed to be directly connected to one physical machine. What about creating two driver domains on one physical host both having a dedicated NIC connected to one of these networks. The resulting security rule could be that the virtual machines are never allowed to use both driver domains. Do you think this would work out in a security audit? Looking forward to an interesting discussion... Best regards, Bjoern ________________________________________________________________________ Schon gehört? Bei WEB.DE gibt' s viele kostenlose Spiele: http://games.entertainment.web.de/de/entertainment/games/free/index.html _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |