|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen Security
On Fri, Jul 16, 2010 at 12:49 AM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote: > Hi Everyone, > > My Xen host currently run DomUs which contain some very sensitive > information, used by our company. I wish to use the same server to host some > VMs for some customers. If we assume that networking is set up securely, are > there any other risks that I should worry about? > > Is Xen secure regarding "breaking out" of the VM? > > Thanks > > _______________________________________________ a XEN domU is "just another PC", when it comes to the networking side of things. i.e. a user can "breakout" if he wants to and ultimately you should handle the network security as you would with normal servers. How do you secure your normal sensitive network server from client servers? Deal with XEN in the same way :) Setup decent firewalling. We actually put some of our sensitive domU's on a different network subnet, and block routing from client VM's to that subnet. So if they wanted to break in, they would have todo it from outside our network, at which point our firewalls take care of the rest. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |