Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Virtualization and Security ?
From: "Rappaport,Jason" <jbr32 () DREXEL EDU>
Date: Tue, 11 Nov 2008 07:37:06 -0500

Anand - all of our core infrastructure is virtualized (web servers,
database servers, license servers, etc). We went with VmWare and
attended several Vmware User Group meetings before we went full steam
with this project.  VmWare does have a free version of its product
VmWare server that is nearly identical to VI3 (at least the current
version is); with the exception of performance.  
In regards to security, we have locked down and restricted all access to
our virtualization server to on campus access only.  The virtual
machines that sit on top of VI3 are all secured using traditional
methodologies (firewall, anti virus, anti spyware, etc.).  
Each virtual machine does daily backups to a NAS device that is
replicated nightly.  
In the event of a DR scenario, we have a backup virtualization server
(VmWare Server) that we can bring online and restore form the latest
backups.  We actually had to do this once when we patched VI3 and it
corrupted the boot partition.  I had the backup virtualization server
started within minutes and it took me 90 minutes to restore from the
latest backups on all VMs; the support contract is well worth it.  
I am actually working on a project to phase our VmWare server and go
with Vmware ESXi, which is Vmware's free product that runs on bare
metal; Vmware Server runs on top of Linux or Windows.  
I hope that helps.  
Thanks, Jay

Jay Rappaport
jasonrap () drexel edu 
215.895.1680 office
215.895.6447 fax
Systems Administrator
Design & Imaging Studios
Antoinette Westphal College of Media Arts and Design
Drexel University



From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Anand Malwade
Sent: Monday, November 10, 2008 5:12 PM
Subject: [SECURITY] Virtualization and Security ?


We are looking into Data Center Consolidation and plan to virtualize
most of our servers. Now Virtualization can yield sigificant operational
advantages, but  also introduces among others network, security
complexity and management challenges. 

My question to the forum is 

a) Is anyone fully virtualized ?  If so was a Vendor hired to perform
this function and are there any lessons learnt  that i should be aware
of with the deployment? 

b) Has anyone run into significant Security and Risk Issues. 


Anand Malwade
Information Security Officer,
Seton Hall University,
Tel: 973 275 2209
malwadan () shu edu 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]