

Webster 2, 3 3 gold badges 19 19 silver badges 18 18 bronze badges. How secure are virtual machines really? False sense of security? Ask Question.


Create a free Team Why Teams? Learn more about Teams. Stack Overflow for Teams - Start collaborating and sharing organizational knowledge.

The best answers are voted up and rise to the top. Look for them first in the popular cloud platforms. All SW may have security bugs implementation vulnerabilities, so it is also important to have a vulnerability management program to quickly identify and patch such.Įxploits that are specifically designed to run in vms and target bugs in the underlying host kernel are inevitable. All complex SW can be misconfigured, exposing vulnerabilities. If you use a hypervisor that has not been independently validated, you're taking the vendor's word that its does what they claim it does and does it correctly. Hypervisor security capabilities and assurance in their correct operation: Different hypervisors make different claims in terms of VM isolation and control over VM to physical HW resources.įor instance, ESXi claims "VM domain isolation" and it has been independently evaluated for this and other security requirements through the Common Criteria CC process. They also don't typically have the same control over the HW as Type 1 hypervisors do. Type 2 hypervisors will not be any more secure than the underlying Host OS. The distinction between Type 1 bare metal and Type 2 hypervisors is an important one. That is also an underlying premise in using Cloud Service Providers CSPs where multi-tenant systems share the same HW, using not only virtualized servers, but also virtual networks and storage. Of course, the network is another vector that needs to be addressed.
