Docstoc

Virtual Machines Real Security (PowerPoint)

Document Sample
Virtual Machines Real Security (PowerPoint) Powered By Docstoc
					Virtual Machines = Real Security

Ernest Staats erstaats@gcasda.org MS Information Assurance, CISSP, MCSE, CNA, CWNA, CCNA, Security+, I-Net+, Network+, Server+, A+ Resources available @ http://www.es-es.net

Outline
• • • • • • • • • • • Virtual Machines What is VM software Three types of VM Advantages of Virtual Machines Disadvantages of VM Technology Well known supported VM software Using VM technology for securing your network Tools to help you use VM software better Top VM Software tools Notice Suggested Resources

What is VM Software?
• Running multiple independent virtual operating systems on a single physical computer.
• It is a way of maximizing physical resources to maximize the investment in hardware. It is now feasible to turn a very inexpensive 1U dual-socket dual-core commodity server into eight or even 16 virtual servers that run 16 virtual operating systems. • An abstraction layer that separates the physical hardware from the operating system • Makes DR and testing DR truly an option without impacting daily life for most users • Turns a physical machine in to a file that can be moved from one system to another.

Three Types of VM
• Hardware Virtualization:
– Most known technology
• VMWare • Parallels • Microsoft

– Basically virtualizes hardware resources so all VMs “think” they have exclusive access to the hardware resources

• PARA- Virtualization:
– Can also support multiple OS's, Linux and some Windows versions with the right CPU chips
• Xen has more efficient processing and lower overhead which translates into better performance.

Three Types of VM Cont.
• OS Virtualization:
– Is a different approach
• Sun’s Solaris Containers • SWsoft’s Virtuozzo • Open Source OpenVZ.

– It uses a single OS and can not support multiple types of OS's on the same server. Although you can have multiple OS's as long as they are the same as the host machine. – When you patch the host OS you also patch all the VM’s at the same time.

Advantages of Virtual Machines
• • • • • • • • • • • Quicker live backup and deployment Faster recovery from bad patches or updates Faster recovery after an attack Better use of Hardware resources Can Reduce support cost.. Automatic Provisioning during system failure (Cassatt and others) Power savings Test your server configuration backup before they are needed Lab environment to test upgrades, new versions, new configurations Fix issues without worrying about crashing a production server Rapid Deployment Great for Security auditing and penetration testing Environment Test ISO images before you waste CD/DVD to make sure they work UBCD4WIN, BackTrack Monitoring your network

•

Disadvantages of VM Technology:
• Several Management Tools still lack ability to fully understand virtual machines • Rapid Deployment • Latency of Virtual Disk
– VM ware 13% IEEE 2003 study – MS Server 28% CapitalHead.com – (OS VM technology will not have these issues as bad and SAN’s or I-SCSI can also reduce or eliminate this bottle neck)

• Dealing with sever sprawl • Managing, Patching, and Securing, so many systems can become challenging • Dealing with Backups of VM and their data sets • Monitoring VM Specific Security issues (Blue Pill)

Well Known & Supported VM Software:
• Server Virtual Machines:
– VM Ware Server – runs on top of windows or Linux -- Free – GSX server runs on top of Windows or Linux replaced by VM Server – ESX server starting at 1000 & UP installed on Bare metal boxes No OS – Microsoft - Virtual Server - Free

• Xen
– Xen - Open Source Options- Free for Linux distributions only – Xen Enterprise As low as 488 a year and UP annual and perpetual subscriptions • SWsoft Virtuozzo- Windows & Linux starting at $1200 – OpenVZ – Free but Linux only

Well Known & Supported VM Software Cont:
• PC Based options include:
– VM Ware workstation – Microsoft Virtual PC – Parallels Workstation for Windows and Linux – Parallels Desktop for Macintosh

Using VM Technology to Secure the Network
• DR with VM:
– Take server reload time from hours/days to minutes or at most couple of hours – Auto provision servers when one fails a new one can automatically be started up, have the VM loaded, and production resumes in minutes when hardware fails.

• Software testing and deployment of new applications:
– Quickly setup a test lab environment – Train users without disrupting production systems – Load code on systems that mimic true production environment to user interoperability. – Test patches without interruption of production systems

• Penetration Testing
– VM workstation - Penetration testing, system auditing, and file recovery with UBCD4Win and Remote exploit

Network Auditing & Pen Test:
• Using VM to load security tools • Using VM to load hacking tools that might disrupt your system • Browse hacking/security sites without compromising a network PC
– Truly anonymous surfing test security software on a sacrificial VM file

• Use a VM machine that runs as a server in the background to constantly audit your system.

Managing Network Resources
• Management and Policy Control Software:
– SWsoft’s Ability to manage several servers from one interface and to have one host system which when patched means all other systems on that host OS is also patched – Automatically bringing more severs online when loads reach a set threshold – Lessen the exposure factor if your organization only has a few key servers by being able to bring a VM of them up if they should fail your network is not taken offline for prolonged periods of time – Cassatt – Virtual Iron
• Load balancing and Auto provisioning DR

– Xen Enterprise has some tools – VMware also has some tools – MS Windows Server 2003 Automated Deployment

Helpful VM Tools:
• P2V Physical to Virtual
– – – – – PlateSpin VMware Leostream HelperApps Xen Enterpise MS Virtual Server Migration Toolkit - MS Virtual Server P2V Migration
Toolkit (free-- great way to backup servers)

• Ultimate-P2V Article on how to cheaply move from P2V
– http://www.rtfm-ed.co.uk/?page_id=174

• V2P Virtual to Physical great for deploying a standard image across different hardware
– PlateSpin – VMware

• Plate Spin Recon to determine current server utilization and automatic load balancing or provisioning

Helpful VM Tools Cont:
Management and control software:
– Cassatt – Virtual Iron
• Load balancing and Auto provisioning DR

– Policy Based VM software • Backup software
– – – – – Never Fail http://www.neverfailgroup.com ESX Ranger http://www.visioncore.com Install backup agent on VM ware Use MS windows backup inside of VM environment Use VM wares pearl scripts to backup VM images live

• Parallels Compressor Server:
– Speed up VM Machines by compressing them
• http://www.parallels.com/en/products/compressor/server/

MS Virtual Server Tools
• Virtual Server 2005 Migration Toolkit
– http://www.microsoft.com/windowsserversystem/virtualserver/e valuation/vsmt.mspx

• Windows Server 2003 Automated Deployment Services
– http://www.microsoft.com/windowsserver2003/technologie s/management/ads/default.mspx

• Microsoft Virtual Server 2005 Management Pack
– http://www.microsoft.com/downloads/details.aspx?familyid=BF 21F798-9B10-40DC-BCDD-4A8358CCE94D&displaylang=en

• Virtual PC vs. Virtual Server: Comparison of Features and Uses
– http://www.microsoft.com/downloads/details.aspx?FamilyID=8 ed0a6cb-0f24-408e-af8f-51edf508d361&DisplayLang=en

Avoid “All Your Eggs in One Basket"
• Common Server Types:
– – – – – – – – HTTP FTP DNS DHCP RADIUS LDAP File Services using Fiber Channel or iSCSI storage Active Directory services

•

Have spare bare metal ready to go or better yet do load balancing to increase response time and have a failover backup in place

Comprehensive Technology Partner Ecosystem
• • Applications Management Citrix, ORACLE, Business Objects, IBM, bea, SAP IBM, BMC Software, Altiris, HP, CA, Symantec, OPSWARE Inc. Redhat, SUSE, Microsoft, Sun, Novell Intel, AMD

•
• • • •

Operating System
CPU I/O Subsystem Networking Storage

QLogic, Emulex, intel, broadcam
Cisco Systems, Check Point EMC2, IBM, HP, Net APP

Disclaimer
• This presentation only covered the more common VM options there are many more options including Virtual appliances which would be a totally different presentation. • VMware, for example, in June introduced VMware Infrastructure 3, which heightens the focus on management and high availability to enable customers to group virtual resources into a pool that can be allocated according to application demands

Suggested Resources:
• Step by Step Power Points for deploying VM
– – – – Put together by one of my Helpdesk Crew At GCA he is a Junior at GCA Step-by-Step Creating a VM Server Virtual server http://www.es-es.net/ Step-by-Step Creating a Microsoft Virtual Server http://www.es-es.net/ Step-by-Step Creating a Open Source Xen Virtual Server http://www.eses.net/

•

Overview Video for Xen Enterprise http://www.xensource.com/download/#

• The two best General articles I have read about installing VM technology
– Installing Virtual Server 2005 -- Microsoft Virtual Server from the ground up
• http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1219809,00. html?bucket=ETA&topic=303910

– How VMware Server works -- Getting started with VMware on Windows
• http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1226945,00. html

• •

Cassatt Whitepaper Iron Geek. Com great step by Step videos for security/Hacking Demos he demonstrates how to leverage VM technology for penetration testing and network auditing.

More Reading Links
• SWSOFT Virtuozzo Top Ten Considerations
– For Choosing a Server Virtualization Technology
• http://searchservervirtualization.bitpipe.com/detail/RES/1126614813_718. html?asrc=SS_BSS_HOME

• Virtuozzo-Wikipedia.org
– http://en.wikipedia.org/wiki/Virtuozzo

• Virtuozzo commands virtual server stage
– http://www.infoworld.com/article/06/04/21/77439_17TCvirtu_1.html

• Virtuozzo White Papers
– http://www.swsoft.com/en/products/virtuozzo/lib/request/wp/ – http://www.swsoft.com/r/pdfs/Datasheets/vz_enterprise.pdf

• The Hidden Costs of Virtualization
– http://searchwinit.techtarget.com/columnItem/0,294698,sid1_gci1219 939,00.html – http://searchservervirtualization.techtarget.com/columnItem/0,294698, sid94_gci1217705,00.html

• Ultimate-P2V Article on how to cheaply move from P2V
– http://www.rtfm-ed.co.uk/?page_id=174


				
DOCUMENT INFO