BROADCASTS.com

b"

hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 37 today we are discussing about So, now that I scared you with all of the threats that exists against virtual machines let's talk about how we can best secure them.Most of the things that we need to do to secure a virtual machine are very similar to things we need to do to secure a regular physical server too.This includes things like updating your operating system in your applications.Also, you need to ensure that each virtual machine has a good anti-virus solution installed.With its own software firewall, good strong passwords and good policies and all of the other security features that we're going to discuss throughout this course.For this lesson, let's focus specifically on how to secure virtual machines though.First, remember that the hypervisor whether it's a type one,type two or application containerization based model,needs to be updated and secured whenever the manufacturer releases a new security patch.For example, if an export have been discovered then you can now conduct a VM escape against VM ware, you can be certain that accompanying like VM ware is going to quickly release a patch to fix this critical vulnerability. Next you want to ensure that you limit the type of connections that is existing between the virtual machine and the physical machine.This can be represented by a virtualized network card,or even as network shares.As I'm going to demonstrate in the next lesson.Remember if a virtual machine gets infected with malware it should remain isolated from all the other virtual machine hosted by the same hypervisor. But only if you implement your configurations for isolation correctly.Just like a physical server anytime there is a connection between a virtual machine and a shared resource, something like a network file server. This is an opportunity for data to be passed between the different virtual machines, and this would break down the isolation that you may be achieving.Just like we discussed back in handling our operating systems we want to minimize and remove any features that are not needed to support our operations.When dealing with the virtual machine,remember that hardware is emilated and it can be removed just like a piece of softare would be under normal machine.If don't your virtual machine to have an emilated flappy disk or CD drive for example,you can simply remove those features.This in turn will minimize your text surface and remove potential vulnerabilities.All of your virtual machines are hosted on physical computers or servers.And so if you had many virtual machine residing on a same physical server,and an attack is able to compromise one of those virtual machines,they maybe able to force it to use a large amount of physical server resources.If they do this can affect the other virtual machines hosted on that same server.In fact this could result and denial servers for one or more of the virtual machines being hosted.To minimize this threat you should consider spreading out your virtual machines among several physical servers. In steady of relying on one single physical server to host every single virtual machine.As assessment administrator,its also important to keep tracking your virtual machines and where they are being deployed.