All the policies and procedures that keep your physical environment secure still apply to virtual servers. Once migrated, start by implementing existing policies and then call on your security and audit teams to develop those specific to the virtual environment.
2. Don't mix network traffic

Hypervisors can host up to 30+ virtual servers. Traffic can easily flow between servers without leaving the host, through firewalls from one subnet or VLAN to another, completely unseen by analysis or monitoring tools. It's critical to isolate network traffic in a virtual world. Don't mix different traffic types, such as application and virtual management traffic; doing so increases the risk of 'man-in-the-middle' attacks. It's best to physically isolate traffic types on separate network interface cards (NICs), switches and VLANs, or by using a hybrid of VLANs and NICs.
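An added example, not part of the original article: a small audit that flags hypervisor hosts where different traffic types share a VLAN or a physical NIC. The inventory format and every host, port-group and NIC name in it are assumptions constructed for illustration, not any vendor's export format.

```python
from collections import defaultdict
from itertools import combinations

# Constructed inventory: one row per port group on a hypervisor host.
# Field names and values are assumptions, not a real product's schema.
PORT_GROUPS = [
    {"host": "hv01", "name": "mgmt",    "traffic": "management",  "vlan": 10, "uplinks": ["nic0"]},
    {"host": "hv01", "name": "app-web", "traffic": "application", "vlan": 20, "uplinks": ["nic2", "nic3"]},
    {"host": "hv02", "name": "mgmt",    "traffic": "management",  "vlan": 10, "uplinks": ["nic0"]},
    {"host": "hv02", "name": "app-db",  "traffic": "application", "vlan": 10, "uplinks": ["nic1"]},
    {"host": "hv03", "name": "mgmt",    "traffic": "management",  "vlan": 10, "uplinks": ["nic0"]},
    {"host": "hv03", "name": "app-web", "traffic": "application", "vlan": 20, "uplinks": ["nic0"]},
]


def audit(port_groups):
    """Return findings where two different traffic types on one host
    share a VLAN (no logical separation) or a physical NIC (no physical
    separation). Each finding is (host, kind, group_a, group_b, detail)."""
    by_host = defaultdict(list)
    for pg in port_groups:
        by_host[pg["host"]].append(pg)

    findings = []
    for host, groups in sorted(by_host.items()):
        for a, b in combinations(groups, 2):
            if a["traffic"] == b["traffic"]:
                continue  # same traffic type: sharing is not mixing
            if a["vlan"] == b["vlan"]:
                findings.append((host, "shared-vlan", a["name"], b["name"],
                                 f"VLAN {a['vlan']}"))
            shared = sorted(set(a["uplinks"]) & set(b["uplinks"]))
            if shared:
                findings.append((host, "shared-nic", a["name"], b["name"],
                                 ",".join(shared)))
    return findings


if __name__ == "__main__":
    for host, kind, a, b, detail in audit(PORT_GROUPS):
        print(f"{host}: {kind}: {a} / {b} on {detail}")
```

A host with no findings, such as hv01 in the sample, separates its traffic types on both VLANs and NICs; a "shared-nic" finding alone means the separation is logical only.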
3. Stay in control
Naturally, you don't give all of your IT staff access to Active Directory objects in your physical server infrastructure, so don't lose control of access to your virtual servers either. Use Access Control Lists (ACLs) and be meticulous about assigning roles and permissions among staff so that no one can accidentally - or intentionally - compromise security and performance. Likewise, if something does go wrong, ACLs will make it easier to identify those responsible. Work closely with security teams, and systems and data owners to define access to resources.
4. Don't skimp on the training!
Education and awareness relate to every element of managing virtual environments. Send your staff to certification classes, research the technology via webinars, and take advantage of vendor training. Don't rely on 'on-the-job' training when it comes to the security of your infrastructure and assets. Investing a little time to understand the technology will make it infinitely easier to manage and keep secure.
There are dramatic cost benefits to virtualisation, but they're easily negated by poor security practices that result in breaches and downtime. The only way for IT departments to meet critical SLAs is to arm themselves with the procedures they need to proactively manage the security of hybrid data centres. Virtualisation is still a relatively new concept, and the safest way to adopt new technologies is to start with a solid security foundation. Planning ahead is always better than learning from costly mistakes.
Rick Logan is the Senior Technical Specialist, Security & Compliance - Asia Pacific, for NetIQ.