Can virtualization solve security problems?
DOD seeks information on whether the technology can bolster data and infrastructure security
- By Doug Beizer
- Sep 17, 2009
Some security experts have raised concerns about virtualization because they fear that viruses and cyberattacks could jump from one virtual computer to another faster than they would on physical machines. In addition to their short-term disruptions, cleaning up the mess from such intrusions could be expensive and undermine the savings managers were expecting virtualization to deliver.
But what if virtualization could boost security instead of being a liability?
A Defense Department task force has been exploring the answers to that question as it looks for new ways to safeguard information about weapons systems, technology infrastructure, and combat capabilities on department and contractor networks.
In a recent request for information, DOD officials said modern operating systems and applications might be too large and complex to secure in traditional ways.
“It may be that the era of monolithic general-purpose operating systems is nearing its end and could be replaced by a cluster of modules or virtual appliances acting in concert to perform services traditionally supplied by operating systems,” DOD officials wrote in the RFI.
DOD officials said they believe virtual technology could be the answer to their security woes. Specifically, they are exploring the use of virtualization to:
- Make it easier to reconfigure systems that might have been comprised.
- Create trusted, isolated computing enclaves for conducting sensitive work.
- Support a program in which employees could buy laptop computers for personal use and perform work functions on them by using a virtualized version of DOD’s software.
DOD’s investigation is still in the early stages, but several industry experts say the department is on the right track because there are already forms of virtualization that could help improve security matters immediately. Here are some ways the technology could benefit DOD.
Proposition 1: Ease troubleshooting and reconfiguration
A hypervisor is software that makes it possible to run distinct servers on a single physical machine. Hypervisors are at the heart of server virtualization products. However, some experts say hypervisors create security risks because an attack could jump from one virtual system to another via the software.
Others counter that the technology specifically addresses DOD’s concerns about securing networks. For example, virtualization gives managers a better way to monitor their networks, said Edward Haletky, a consultant at AstroArch Consulting.
In a traditional environment, security managers must deploy software-monitoring agents on every system in the data center. “With virtualization, you run agents in one place — the hypervisor,” Haletky said. “I can look at all of the traffic, and if I don’t like what I see, I can deny it access.”
Administrators could also use virtualization to create a master image of what servers in a specific data room are supposed to look like. If a server is compromised, the administrators could quickly and easily reset the system to the original template.
Proposition 2: Create safe havens
The idea of segregating certain activities from one another has been part of computer security since the inception of networks, but virtualization might make it easier and more cost-effective, said Kevin Scapinetz, a technology strategist at IBM.
A common security technique is the creation of a test bed for malicious behavior. Information technology employees use those enclaves to figure out what potential attacks are coming in and analyze attackers’ behavior.
“In the same regard, you can set up trusted enclaves, not to be used in that Petri dish manner but to set up communities of interest to be able to talk to each other and have very confidential and private communications between machines,” Scapinetz said.
It is possible to create trusted enclaves in a traditional environment, but virtualization makes it easier because it reduces the amount of physical assets required, he added.
IBM’s Trusted Virtual Data Center research project is an example of the kind of functionality that DOD is seeking. The project isolates activity by customer sets, such as human resources and finance, and also separates the network, routers and other infrastructure.
It creates a virtual data center that ensures that the partitions are secure across the entire infrastructure.
Proposition 3: Secure desktop computers
With desktop and laptop computers, there are some security issues that cannot be solved with patches and antivirus software, said Monica Lam, a computer science professor at Stanford University.
“The only way to solve this problem is to go out of the box,” she said. “Virtualization allows you to do that because you now have a layer outside the box that changes the content on the inside.”
The virtual-machine desktop that Lam proposes differs from a thin-client model in which most application processing and all data storage are on a server at the data center that regularly communicates with the desktop computers. That model can be problematic if the network connection between two machines is slow or fails.
With desktop virtualization, the client computer periodically downloads the latest version of the desktop software from the server and operates only that version. In this way, IT managers can dynamically control what users can and can’t do. Managers can also customize the security settings and change them when needed. And the desktop PC can still operate if the network connection is not available by running the last server update.
“The organization’s IT department prepares a virtual image and keeps updating it, making sure it is always secure and has all the latest patches,” Lam said.
The virtual environment is completely isolated from the host machine and leaves no trace of data on the client device when it shuts down. Managers can even remotely destroy the image if a device is lost or stolen.
Lam and some of her students founded a company that provides virtual-desktop technology called MokaFive Player that is available via download or preinstalled on USB devices.
Doug Beizer is a staff writer for Federal Computer Week.