|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen Security
On Fri, Jul 16, 2010 at 3:32 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote: > I'm guessing the same risks apply to Xen as they do > VMWare? in general, yes. As for vendor support, Redhat has been very responsive in fixing whatever security bug that comes up (like http://www.securitytracker.com/alerts/2009/Oct/1022977.html), so if you're concerned about that, I suggest using RHEL/Centos and their bundled Xen/kernel-xen version (which might be somewhat old, but should be sufficient for most uses). I also suggest you do whatever security measures you normally do in your normal, non-virtual environment. Think of domU as just another server, and dom0 as SAN/switch/router/firewall. For example, if you never bother to rewrite a SAN's LUN with 0s before reusing it on another host, then I don't see why you should bother writing 0s to an LV that will be used by Xen. Another example, if you're comfortable having a single firewall box and switch used by all traffic on your network (using vlans), then I don't see why you should treat Xen networking differently. -- Fajar _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |