While server virtualization is exploding into data centers around the world, the technology for securing virtual environments is lagging behind. It's a fact likely to give some organizations that have gone down the virtualization path some very acute server security headaches, according to James Collinge, product line management director at network security solution provider TippingPoint, a division of HP. Collinge expressed this view at the Infosecurity Europe 2010 conference in London earlier this year.
To get some perspective, at least 16 percent of all enterprise workloads were running in virtual servers in the latter part of 2009 according to Gartner, but this number is predicted to grow to 50 percent -- or around 58 million x86-based virtual servers -- by 2012. But Gartner predicts that some 60 percent of those virtual servers will be less secure than the physical machines they replace.
Forrester Research also points out that 98 percent of organizations that use some form of virtualization are using VMware virtualization technologies. That means that if a zero-day exploit is discovered for VMware, it is likely to be more interesting to hackers than a similar one for a given mail, web, or DNS server would be.
Why will virtualized servers be less secure than the physical machines they replace? Some of the reasons for this lower level of server security that Collinge mentioned include:
Read the rest at ServerWatch.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.