NIST to hypervisor admins: Pro-tip, secure your systems
Hypervisor security draft open for comment
US standards body the National Institute of Standards and Technology (NIST) has laid out the basics of hypervisor security in a draft publication released for comment on 20 October.
The sysadmin guide presents 22 security recommendations, under the key headings of isolating VMs from each other and the host hypervisor; controlling access and device emulation; preventing VMs from executing privileged operations; VM management; and managing settings for interactions with the hypervisor.
The report notes that some threat types are well known, well understood, and common to any server-based software. For example, sysadmins should already be aware that they need to secure against network-based attacks, and likewise that Web-based management interfaces are a risk point.
On the other hand, threats from rogue VMs being used as an attack vector through “channels such as shared hypervisor memory and the virtual network inside the hypervisor host” are specific to the virtualised environment.
Rogue VMs can arise through misconfiguration of the hypervisor and/or its guest container; or malicious/vulnerable device drivers, the document says, which provide vectors for attacks such as rootkit installation or attacks against other VMs on the same host.
On the network, the report says, a rogue VM could spoof IP or MAC addresses, hop across the VLANs that are meant to isolate traffic of different tenants, or try to intercept network traffic. Rogues can also be used for denial-of-service attacks, by way of resource starvation.
The draft, written by NIST director and George Mason University professor Ramaswamy Chandramouli, is open for comment until November 10. ®