Secure Virtualization: Achieve And Maintain IT Security In Virtual Environments

Virtualization software makes IT personnel to deploy and manage new servers and other infrastructure components. However, these same beneficial capabilities of virtualization also permit risk to be rapidly introduced into the enterprise.

To ensure virtualization is a success, it is vital that IT organizations take a pragmatic approach to its risks and implement detective controls to mitigate those risks. Andi Mann, Research Director at EMA, has stated that while virtualization brings real benefits, it can also cause some issues, especially for organizations that do not implement policy-based management tools to administer this new environment.2 The effective change and configuration management processes so vital to the physical environment have become even more critical with the virtual environment. A robust configuration audit and control solution such as Tripwire Enterprise provides the proactive configuration assessment and automated change detection throughout the virtual environment to ensure the same level of stability is maintained within a virtualized environment as it is on stand-alone systems.

Customers embrace virtualization for a variety of reasons, although most are attracted to the cost reductions, management flexibility and efficiency touted as immediate benefits of a virtualized environment. A smaller percentage of businesses turn to virtualization to increase business resiliency—for example, to support disaster recovery and business continuity efforts. As the virtualization space matures, this latter trend is expected to grow.