Datacenter administrators have something in common with attackers: privilege. Keeping the security layer isolated from the data it protects, while still seeing everything that happens to that data, is the Goldilocks zone of security: isolation and context, together. Virtualizing data centers was once viewed as a risky proposition, but that time has passed. There was a middle period when security was only catching up to "good enough" in virtualized environments. Now, by leveraging the very nature of virtualization, security can be better than it was on physical hosts.
Join us as we discuss a long-standing problem in security: balancing context with isolation. A network security device, for example, is isolated from the endpoint, but it has limited context about what is happening inside that endpoint. Conversely, antimalware tools running within an endpoint have rich context but no isolation: if the endpoint is compromised, so is the antimalware, because it runs at the same privilege level as the attacker's code.
With virtualization, vendors can take advantage of isolation enforced by hardware: virtual machines running on a hypervisor are strictly isolated from one another and from the hypervisor. The hypervisor, sitting between the hardware and the virtual machines, also has rich contextual information about everything running within a virtual machine, since it controls the guest's memory and CPU state.
New work within the Xen hypervisor allows security tooling to operate at the hypervisor layer, achieving isolation with full context.
- Hypervisors act as a barrier between hardware and VMs, enabling antimalware tools to run in that layer rather than inside the endpoint;
- Virtualization gives data center admins complete contextual information about their VMs without giving up the isolation that keeps attackers inside a compromised guest from reaching the security layer;
- Antimalware tools at the hypervisor layer have zero footprint inside the guest (no in-VM agent to compromise), so they do not tax the VMs or the hardware that hosts them the way a per-endpoint agent does;
- Hybrid IT infrastructures can improve security by leveraging hypervisor-based Memory Introspection.
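The following is an added example, not code from Xen or from the vendor whose technology this session describes, showing the isolation-plus-context idea in miniature. The "guest" is a flat byte array standing in for guest physical memory that the hypervisor can map, and the "introspection engine" lives outside it, holding reference hashes of protected kernel code regions. An in-guest rootkit that patches a kernel function prologue with an inline JMP hook is detected from outside the guest, with no agent inside it, and the guest has no way to reach or alter the reference data. All addresses, region names and function bytes are constructed for the demonstration; real memory introspection works on page tables and EPT permissions rather than a single array, and that machinery is not modelled here.

```c
/* Added example (not Xen or vendor code): toy model of hypervisor-level
 * memory introspection. The guest is a byte array; the introspection engine
 * keeps its reference hashes outside it. Addresses, region names and bytes
 * are constructed for the demo. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GUEST_MEM_SIZE 4096

/* Simulated guest physical memory (what the hypervisor can map read-only). */
static uint8_t guest_mem[GUEST_MEM_SIZE];

/* A protected region: a range of guest memory that must never change at
 * runtime (kernel text, syscall table, ...). The reference hash is stored
 * here, in hypervisor-side memory, never inside the guest. */
struct protected_region {
    const char *name;
    uint32_t gpa;       /* guest-physical address (offset into guest_mem) */
    uint32_t len;
    uint64_t ref_hash;  /* baseline, taken when the guest was known-good */
};

/* FNV-1a 64-bit: sufficient for an integrity comparison in a demo. */
static uint64_t fnv1a64(const uint8_t *p, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Hypervisor side: record baseline hashes of all protected regions. */
void hvi_take_baseline(struct protected_region *regs, size_t n)
{
    for (size_t i = 0; i < n; i++)
        regs[i].ref_hash = fnv1a64(guest_mem + regs[i].gpa, regs[i].len);
}

/* Hypervisor side: rescan. Returns the number of regions whose contents no
 * longer match the baseline and writes their indexes to `hits`. */
size_t hvi_scan(const struct protected_region *regs, size_t n, size_t *hits)
{
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        if (fnv1a64(guest_mem + regs[i].gpa, regs[i].len) != regs[i].ref_hash)
            hits[count++] = i;
    }
    return count;
}

/* Heuristic a real engine would also apply: does a protected function now
 * begin with a relative JMP (0xE9) or an indirect JMP (0xFF 0x25)? That is
 * the classic inline-hook signature. Returns 1 if so, else 0. */
int hvi_looks_hooked(uint32_t gpa)
{
    const uint8_t *p = guest_mem + gpa;
    return (p[0] == 0xE9 || (p[0] == 0xFF && p[1] == 0x25)) ? 1 : 0;
}

/* Guest side: an in-guest rootkit overwrites a kernel function's prologue
 * with "jmp rel32" to its own code. It can only touch guest_mem; the
 * protected_region table and its hashes are out of its reach. */
void guest_install_inline_hook(uint32_t func_gpa, uint32_t hook_gpa)
{
    int32_t rel = (int32_t)hook_gpa - (int32_t)(func_gpa + 5);
    guest_mem[func_gpa] = 0xE9;
    memcpy(guest_mem + func_gpa + 1, &rel, sizeof rel);
}

/* Constructed scenario: returns the number of tampered regions detected. */
size_t demo_detect_hook(void)
{
    /* Constructed "kernel": two fake function prologues (push rbp; mov rbp,rsp;
     * sub rsp,0x10) in a sea of NOPs, plus a fake syscall table. */
    static const uint8_t prologue[] = {0x55, 0x48, 0x89, 0xE5, 0x48, 0x83, 0xEC, 0x10};
    memset(guest_mem, 0x90, sizeof guest_mem);
    memcpy(guest_mem + 0x100, prologue, sizeof prologue); /* "sys_open" */
    memcpy(guest_mem + 0x200, prologue, sizeof prologue); /* "sys_read" */

    struct protected_region regs[] = {
        {"sys_open text", 0x100, 64, 0},
        {"sys_read text", 0x200, 64, 0},
        {"syscall table", 0x800, 256, 0},
    };
    size_t n = sizeof regs / sizeof regs[0];
    size_t hits[3];

    hvi_take_baseline(regs, n);               /* guest is clean at this point */
    guest_install_inline_hook(0x100, 0xC00);  /* rootkit hooks "sys_open" */

    size_t tampered = hvi_scan(regs, n, hits);
    for (size_t i = 0; i < tampered; i++)
        printf("tampered: %s (inline hook: %s)\n", regs[hits[i]].name,
               hvi_looks_hooked(regs[hits[i]].gpa) ? "yes" : "no");
    return tampered;
}

int main(void)
{
    return demo_detect_hook() == 1 ? 0 : 1;
}
```

The design point is where the reference data lives: the in-guest rootkit can rewrite anything in `guest_mem`, including any in-guest antimalware, but `ref_hash` is hypervisor-side state it cannot address, so the comparison stays trustworthy even after the guest is fully compromised. A production engine would trigger on EPT write faults to protected pages instead of periodic rehashing, which is what keeps the in-guest footprint at zero.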