Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates


Published in: Technology, Business

  1. Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
     Tim Grance, Senior Computer Scientist, NIST
     Sushant Rao, Product Management Director, HyTrust
     Curtis Salinas, Systems Engineer, HyTrust
     © 2012, HyTrust, Inc. 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040. Phone: 650-681-8100
  2. Security and Compliance Will Be Key to Virtualizing the Next 50% of the Data Center
     • Discussion
     • Growth depends on virtualizing mission critical workloads
     • Virtualization platform provides basic security: OK for non-critical workloads
     • Tier 1/2 workloads have higher security, compliance needs
     • Purpose-built solutions needed
  3. Privileged Users Can Have Huge Impact
     • 87%: Percentage of companies that have experienced a data breach (IT Compliance Institute)
     • 74%: Percentage of breached companies who lost customers as a result of the breach (IT Compliance Institute)
     • 48%: Percent of all breaches that involved privileged user misuse (Verizon report, 2010)
     • Shionogi & Co: $3.2B pharmaceutical company. Laid off IT admin:
       - Logged in remotely to vSphere from local McDonald’s WIFI
       - Deleted 88 virtual production servers
       - Took down email, order entry, payroll, BlackBerry, & other services
       - Caused $800K damage
  4. Expert Consensus on Virtualization Best Practices
     • “Restrict and protect administrator access to the virtualization solution.”
     • “Secure each management interface”
     • “Monitor and analyze logs at all layers of the virtualization infrastructure”
     • “Enforce least privilege and separation of duties”
     • “It is critical that independent monitoring of all activities be enforced”
     • “Require multi-factor authentication for all administrative functions.”
     • “Administrative access to the hypervisor/VMM layer must be tightly controlled”
     Sources:
     * NIST SP 800-125: Guide to Security for Full Virtualization Technologies
     ** PCI-DSS 2.0 Information Supplement – Virtualization Security
     *** Neil MacDonald, vice president and Gartner fellow
  5. HyTrust Appliance Provides Necessary Controls to Confidently Virtualize Mission-Critical Applications
     Secures the administration of the hypervisor & virtual infrastructure:
     • Enforces consistent access and authorization policies covering all access methods
     • Provides granular, user-specific, audit-quality logs
     • Enables strong, multi-factor authentication
     • Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted
     Provides complete visibility into and control over who accesses the infrastructure, the integrity of the infrastructure, and the validity of the changes requested.
  6. HyTrust’s Unique Role in Virtual Infrastructure Security
  7. Major Partners Trust HyTrust
     • HyTrust is key "go to" partner for vSphere security and compliance
     • HyTrust is part of CA Access Control for Virtual Environments
     • HyTrust is the platform security solution - access control and auditing - for vBlock
     • HyTrust provides combined reporting with Trends Deep Security product
     • HyTrust provides native integration with SecurID and enVision
     • HyTrust reporting and controls being integrated with Symantec CCS
     • HyTrust is part of Intel's trusted cloud architecture based on TXT
     • HyTrust event reporting and TXT integration being integrated with McAfee ePO
  8. Virtualize More With HyTrust
     • Admin compliance and controls essential for mission critical workloads
     • Capabilities not available from the virtual infrastructure
       - Granular, audit-quality administration logs
       - Granular, consistent privileged user and VM control policies
       - Multi-tenancy logical segmentation
     • Trusted by market leaders
     • Key component of major partners’ solutions
  9. NIST Special Publication (SP) 800-125
     Guide To Security for Full Virtualization Technologies
     Recommendations of the National Institute of Standards and Technology
     Tim Grance, Senior Computer Scientist in the Computer Security Division
  10. Disclaimer
     Any mention of commercial products or reference to commercial organizations is for information only; it does not imply recommendation or endorsement by NIST nor does it imply that the products mentioned are necessarily the best available for the purpose.
  11. Agenda
     • What is SP 800-125
     • Why virtualization
     • Full virtualization
     • Security concerns
     • Recommendations for Security for full virtualization technologies
     • Summary
     • Questions and answers
     • Resources
  12. SP 800-125
     • Full Virtualization technologies
     • Server and desktop virtualization
     • Security threats
     • Security recommendations for protecting full virtualization
  13. Why Virtualization?
     • Reduce hardware footprint
     • More efficiency
     • Reduce energy, operations, and maintenance costs, e.g., disaster recovery, dynamic workload, security benefits, etc.
     • Consolidation
  14. Forms of Virtualization
     • Simulated environment
     • Does not cover OS and application virtualization
     • Full virtualization – CPU, storage, network, display, etc.
     • Hypervisor and host OS
     • Virtual Machine (VM) – Guest OS
     • Isolated
     • Encapsulated
     • Portable
  15. Full Virtualization
     • Bare metal virtualization
     • Hosted virtualization
     • Server virtualization
     • Desktop virtualization
  16. Virtualization and Security Concerns
     • Additional layers of technology
     • Many systems on a physical system
     • Sharing pool of resources
     • Lack of visibility
     • Dynamic environment
     • May increase the attack surface
  17. Recommendations for Security for Full Virtualization Technologies
     • Risk based approach
     • Secure all elements of a full virtualization solution and perform continuous monitoring
     • Restrict and protect administrator access to the virtualization solution
     • Ensure that the hypervisor is properly secured
     • Carefully plan the security for a full virtualization solution before installing, configuring, and deploying it
  18. Summary of Threats and Countermeasures
     • Intra-guest vulnerabilities
       - Hypervisor partitioning
     • Lack of visibility in the guest OS
       - Hypervisor instrumentation and monitoring
     • Hypervisor management
       - Protect management interface, patch management, secure configuration
     • Virtual workload security
       - Management of the guest OS, applications, data protection, patch management, secure configuration, etc.
     • Virtualized infrastructure exposure
       - Manage access control to the hardware, hypervisors, network, storage, etc.
  19. Resources
     • Presidential Memorandum, June 10, 2010, Disposing of Unneeded Federal Real Estate, is available on the following Web page: unneeded-federal-real-estate
     • NIST publications that provide information and guidance on planning, implementing and managing information system security and protecting information include:
       - Federal Information Processing Standard (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems
       - NIST Special Publication (SP) 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
       - NIST SP 800-53 Revision 3, Recommended Security Controls for Federal Information Systems and Organizations
       - NIST SP 800-61 Revision 1, Computer Security Incident Handling Guide
       - NIST SP 800-64 Revision 2, Security Considerations in the System Development Life Cycle
       - NIST SP 800-88, Guidelines for Media Sanitization
       - NIST SP 800-115, Technical Guide to Information Security Testing and Assessment
       - NIST SP 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
     • For information about these NIST standards and guidelines, as well as other security-related publications, see NIST’s Web page
  20. HyTrust Fills Critical Platform Access Gaps
     • Virtualization platform gap: Multiple administrators can log into hosts anonymously by sharing a root account
       HyTrust solution: Uses root password vaulting (check-in/out) to ensure admins are individually accountable
     • Virtualization platform gap: An admin can bypass vCenter access controls and logging by connecting directly to hosts
       HyTrust solution: Controls and logs access via any connection method, creating accountability
     • Virtualization platform gap: An admin can access another organization’s virtualized workloads in multi-tenant environments
       HyTrust solution: Ensures that admins can only access their own organization’s data and applications, enabling secure multi-tenancy
     • Virtualization platform gap: Platform allows access via default password or compromised admin password
       HyTrust solution: Prevents use of default passwords and supports multi-factor authentication to stop unauthorized access
     • Virtualization platform gap: A current or terminated admin can connect to the platform undetected using a backdoor account
       HyTrust solution: Controls and logs access to every admin account, preventing major security breaches
  21. HyTrust Fills Critical Platform Authorization Gaps
     • Virtualization platform gap: An administrator can shut down any virtualized application or switch
       HyTrust solution: Protects business continuity by controlling what resources an admin can manage
     • Virtualization platform gap: An admin can create unapproved VMs, with negative operations or compliance impacts
       HyTrust solution: Prevents damaging outcomes by controlling VM creation privileges
     • Virtualization platform gap: An admin can disable security such as virtualized firewalls and antivirus
       HyTrust solution: Preserves security by blocking unapproved shutdowns of virtual security measures
     • Virtualization platform gap: An admin can copy sensitive data from a VM to external storage
       HyTrust solution: Keeps sensitive data confidential by applying controls to virtual resources
     • Virtualization platform gap: An admin can replace a critical VM with a compromised copy while leaving no tracks
       HyTrust solution: Exposes tampering by creating a permanent, unchangeable record of every operation
     • Virtualization platform gap: An admin can move a low trust virtualized workload to a high trust server or virtual subnet, and vice versa
       HyTrust solution: Mitigates security and compliance risks by preventing mixing of trust levels
  22. HyTrust Fills Critical Log Data Gaps
     Log data provider: Virtualization Platform
     • Data for allowed operation (example):
       - User: root
       - Time/date
       - Target resource name, server URL
       - Operation executed
     • Data for denied operation (example): none
     • Usability and productivity:
       - Separate log files for vCenter and each host
       - Different log formats for vCenter vs. hosts
     Log data provider: HyTrust
     • Data for allowed operation (example): all of the above, plus:
       - User ID
       - Source IP address
       - Resource reconfigured
       - Previous resource state
       - New resource state
       - Label (Production)
       - Required privileges
       - Evaluated rules/constraints
     • Data for denied operation (example):
       - User ID
       - Date/time
       - Source IP address
       - Operation requested
       - Operation denial
       - Target resource name, IP address, port, and protocol
       - Required privileges
       - Missing privileges
       - Evaluated rules/constraints
     • Usability and productivity:
       - Consolidated, centrally managed logs covering vCenter and all hosts
       - Single, uniform format for combined vCenter and host log data
       - Logs sent to central repository or SIEM via syslog
  23. HyTrust In Action – Live Demo
  24. HyTrust is a Critical Component in Virtualizing Mission-Critical Applications
     • Visibility
       - Authentication
       - Logging
     • Control
       - Role-Based Access Control
       - Policy
     • Validation
       - Configuration Assessment & Remediation
  25. Thank You!
     Questions and Answers