Is Someone Spying on Your Virtualized Environment?
By blueprints on Jan 25, 2011
Virtualization is one of those hot topics that dominates the thoughts of systems architects. Of course, the newer and more visible a technology trend, the more likely it is cyber pests are looking to exploit some weakness.
Oracle VM Server for SPARC (previously called Sun Logical Domains or LDoms) technology is one implementation of virtualization based on the UltraSPARC T1, T2, T2 Plus and SPARC T3 processors. It's been around for a while, so we have the advantage of a more mature implementation with associated security best practices. Oracle engineer Stefan Hinker has written a comprehensive paper, Securing Oracle VM Server for SPARC, that addresses these issues in detail: it discusses the eleven threats you may encounter, along with a detailed discussion of the 28 countermeasures you can take.
Finally, this paper lays out three deployment scenarios based on your security needs. How do you assess that? Simple: Security Needs=Value of Data∗Probability of Breach. This paper is one of those critical references you should read and keep it close. Because, someone may be watching you...