RE: [Xen-users] Security audits and compliances
bbmailing@xxxxxx wrote:
>
> Hey guys,
>
> I was just looking into some standards concerning the
> certification of critical computer systems in general when I
> thought about how this relates to virtualization. Is there
> anyone out there who has experiences with security audits for
> Xen like PCI-DSS? Or to put it as a general question: does
> virtualization matter? I think it's a pretty interesting
> question - how is the isolation between virtual machines
> accepted with regards to security compliances?

Don't have PCI compliance experience, but I do have some GLBA compliance experience.

> Let's have an additional example to discuss: There are two
> networks that are generally not allowed to be directly
> connected to one physical machine. What about creating two
> driver domains on one physical host both having a dedicated
> NIC connected to one of these networks. The resulting
> security rule could be that the virtual machines are never
> allowed to use both driver domains. Do you think this would
> work out in a security audit?

For security, compliance or no compliance, dom0 must be treated as a highly privileged and highly secure resource that only a select group of individuals have access to, preferably a group of individuals who do not have access to the domUs or the applications that run within. In the real world that kind of segregation of duties is hard to attain, but all attempts must be made to try and reach that goal. Limiting who from the admin group has the rights to administer the virtual machine servers and by protecting access to dom0 with local firewall, reducing attack surface by limiting services running, assuring communications with it are encrypted (ssh, ssl), and for domUs containing customer information, if possible encrypting the storage with an encryption key that only the domU admins know...

As far as network connectivity is concerned, the network configuration and topology need to be internally published so they can go under peer review for accuracy and are available to auditors for review as well, but as long as the traffic is segregated as it needs to be, whether logically via vlans or physically over separate NICs, it doesn't really matter.

-Ross