The document presents insights by Tudor Damian, an IT solutions specialist, on virtualization as a tool in information systems security, discussing types of attacks and security myths associated with virtual machines. It also examines the evolution of virtualization solutions, particularly Microsoft's Hyper-V, and emphasizes the importance of management tools. The overall perspective highlights the need for control and automation in managing virtual environments.

2. despre mine

3. Tudor Damian
IT Solutions Specialist
tudy

4. despre webcast

5. virtualizarea ca instrument și țintă
în securitatea sistemelor informatice

6. o scurtă istorie

7. un SO, un user, o aplicație

8. un SO, un user, mai multe aplicații

9. un SO, mai mulți useri, mai multe
aplicații

10. mai multe SO, mai mulți useri, mai
multe aplicații

11. ”granițe” artificiale în
securitate

12. securitatea nu poate fi impusă
întotdeauna doar prin elemente fizice

13. separarea privilegiilor
utilizatorilor la nivel de aplicație

14. separarea privilegiilor la nivel de
SO prin intermediul kernel-ului

15. separarea SO prin intermediul
separării fizice a hardware-ului

16. separarea la nivel de rețea prin
intermediul unui firewall

17. ce este virtualizarea?

18. proces prin care o entitate fizică e
făcută să se comporte ca mai multe
entități logice independente

19. ce se poate virtualiza?

20. platforme

21. resurse

22. aplicații

23. desktop

24. mituri de securitate

25. ”dacă îmi protejez mașina gazdă, și
mașinile virtuale vor fi protejate”

26. ”fișierele .VHD/.VMDK sunt implicit
sigure”

27. ”dacă expun o mașină virtuală,
trebuie să-mi expun toate mașinile
virtuale, și mașina gazdă”

28. ”toate mașinile virtuale
se <<văd>> între ele”

29. tipuri de atacuri

30. jailbreak attacks (escapes)

31. migration attacks

32. virtual/physical
network service attacks

33. encryption attacks

34. exemple de atacuri raportate

35. feb 2007, apr 2009
VMware / ESX
VMware Workstation escape attack

36. oct 2007, Secunia
open-source Xen hypervisor
obținere de privilegii neautorizate

37. 2007
Microsoft Virtual PC & Microsoft Virtual Server
vulnerabilitate care permitea unui guest să
ruleze cod pe host sau pe alt guest

38. câteva link-uri...

39. http://searchsecurity.bitpipe.com/detail/RES/1213273947_134.html
http://www.foolmoon.net/cgi-bin/blog/index.cgi?mode=viewone&blog=1185593255
http://www.securityfocus.com/bid/29183/info
http://secunia.com/advisories/29129/
http://seclists.org/fulldisclosure/2007/Sep/0355.html
http://lists.vmware.com/pipermail/security-announce/2009/000055.html
http://www.immunityinc.com/documentation/cloudburst-vista.html
http://taviso.decsystem.org/virtsec.pdf
http://www.eecs.umich.edu/techreports/cse/2007/CSE-TR-539-07.pdf
http://www.stanford.edu/~talg/papers/HOTOS05/virtual-harder-hotos05.pdf

40. soluții de securitate
bazate pe virtualizare

41. sandboxing
http://en.wikipedia.org/wiki/Sandbox_(computer_security)

42. high availability

43. disaster recovery

44. forensic analysis

45. honeypots / honeynets
http://en.wikipedia.org/wiki/Honeypot_(computing)

46. soluțiile de virtualizare sunt
într-o continuă evoluție

47. exemplu concret:
Hyper-V R2 și SCVMM R2

48. Hyper-V Server 2008 R2 vs. Windows Server 2008 R2
Windows Server 2008 R2 EE,
Microsoft Microsoft
Capabilities DC
Hyper-V Server 2008 Hyper-V Server 2008 R2
(Hyper-V)
Number of Logical
24 64 64
processors supported
Number of Sockets
Up to 4 Up to 8 Up to 8 = EE | Up to 64 = DC
(Licensing)
Memory Up to 32 GB Up to 1 TB Up to 1TB
VM Migration None Quick and Live migration Quick and Live Migration
Number of VM’s per node 32 (server workloads) 32 (server workloads)
Not applicable
in a cluster 64 (VDI workloads) 64 (VDI workloads)
Virtualization Rights for
EE = 4 VM
Windows Server 2008 0 0
DC = unlimited VM’s
guests
Number of running VM Up to 192, or as many as Up to 384 or as many as physical resources Up to 384, or as many as physical
Guests physical resources allow allow resources allow
Windows Server 2008 CALs
Required for Guest Server No No Yes
OS
Windows Server 2008 R2, Windows Server 2008 & SP2, Windows Server 2003 SP2, Windows 2000 Server, SLES
Guest OS support
10, SLES 11, Red Hat Enterprise 5.2/5.3, Windows 7, Windows Vista SP1, SP2 & Windows XP SP3/SP2

49. odată cu R2, Hyper-V™ devine cu
adevărat competitiv

50. Hyper-V R2 - scalabilitate în producție
• Microsoft.com: ~50% Hyper-V (în creștere)
– ~1.2 miliarde de hit-uri pe lună
• MSDN/TechNet: 100% Hyper-V
– ~1 milion de hit-uri pe zi, fiecare
• Connect, Codeplex, Social: 100% Hyper-V
• Microsoft IT (4 clustere, incluzând unul cu 16 noduri)
• Microsoft Global Foundation Services
– peste 1300 VM-uri pentru Windows Live games

51. tehnic, soluțiile de virtualizare
existente sunt oarecum echivalente

52. diferența o fac instrumentele de
administrare / management

53. System Center Virtual Machine Manager
http://www.microsoft.com/systemcenter/virtualmachinemanager/en/us/features.aspx

54. în final, un feedback din
industrie (hosting / VPS)

55. ”From a hosting perspective, virtualization is all
about control. Servers multiply fast and you
need to keep track of who has them and what
they are doing with them. Customer data,
resource data and usage data are essential.”
Ross Brouse, CEO

56. ”I knew that would be the biggest hurdle when I
started this thing, that's why I chose Parallels. Not
because the software was insecure and unstable, but
because I needed to automate. Automation is what
Xen, Hyper-V, VMWare and all the other solutions out
there lack. All of their solutions are built for the
enterprise, which in this day and age is a mistake. Not
that its a bad market, but these companies have such
poor focus on the service provider.”
Ross Brouse, CEO

57. întrebări

58. mulțumesc.

59. Tudor Damian
IT Solutions Specialist
tudy