computerwoche.de

Archiv

Gartner: New security demands arising for virtualization, cloud computing

23.06.2011
NATIONAL HARBOR, Md. -- The rush toward of internal enterprise computing resources and can have many advantages, such as consolidation, but it's largely outracing traditional and identity management practices. That's leaving huge gaps, a sense of chaos and questions about where security products and services should be applied in the world of multi-vendor virtual-machine (VM) hypervisors.

"Virtualization will radically change how you secure and manage your computing environment," Gartner analyst Neil MacDonald said this week at the annual Gartner Security and Risk Management Summit. "Workloads are more mobile, and more difficult to secure. It breaks the security policies tied to physical location. We need security policies independent of network topology."

Gartner estimates almost half of x86-based server workloads are virtualized today, with VMware the clear market leader, but with Hyper-V on the rise and Citrix a contender. Gartner . But at the same time, the consultancy acknowledged management tools and security really haven't risen to meet the occasion.

GARTNER ANALYSIS:

"The hypervisor will be less secure than the physical systems they replace," MacDonald said. "The integrity of that bottom layer is paramount. The hypervisor layer you don't want compromised."

Today there's often a "lack of visibility and controls on internal VM-to-VM communications," said MacDonald. "Should VM No. 1 be talking to VM No. 3? How do you know they're not attacking? The traffic never comes out onto our physical network." Some companies are willing to live with this uncertainty, others not, MacDonald said.