What Is It?
Virtualisation enables a single piece of computing hardware to run multiple other virtual instances of computers, through sharing the underlying resources such as the processor, random access memory (RAM), storage and any peripherals.
Why Assess It?
There are many reasons to conduct a virtualisation security assessment, five of which are below.
Core Security Validation
The underlying software that apportions resources is also responsible for securing the independence of each virtual machine. Inside the configuration of this it is possible to allow inter-virtual machine communication both at a network level without traversing onto your physical network, as well as share files and folders and other resources. Therefore, it is critical to validate that your assumptions of each virtual machine being independent is correct through conducing this assessment.
Resource Stability
Virtualisation software is responsible for apportioning how much of the resources from the hosting infrastructure each virtual machine has. Whilst this may not immediately be obvious as a security concern, it does mean that resource exhaustion is a risk and could result in your organisations critical services becoming unresponsive. Assessing the usage of security minded resourcing allows you confidence to allay this concern.
Network Risk Exposure
The virtualisation software itself exposes network services, both for communicating with clusters or pools of virtualisation platforms but also for the management of the service at this low level. It is critical to have assurance that these commonly attacked services are not posing a threat to your virtualised infrastructure or wider organisation. It is worth remembering that a breach at this low layer in your infrastructure results in a compromise of everything being hosted on top of it.
Increasing Scalability
Most organisations have several virtualised servers that host organisational critical functions. By ensuring that the configuration of the virtualisation infrastructure is robust from a security perspective, it allows the organisation to confidently host more services from expensive and often over resourced dedicated hosts to virtualised instances which increases redundancy capability, guarding against hardware failure.
Cost Reduction
Through having confidence in your virtualisation infrastructure you can be confident in migrating more services over to it, which saves on expensive dedicated hardware and further simplifies your computing estate which in turn reduces administrative overheads.
The Agility Cyber Approach
Like all our engagements, we want you to get the most out of your virtualisation security assessment and we do this by:
Deep Dive Configuration Analysis
Virtualisation configurations are extensive, the underlying host has a configuration as does each virtual machine being hosted. We take care in ensuring we have reviewed all elements of the configuration, including making judgements on the possibility of edge conditions such as resource exhaustion and other situations with sub-optimal effects.
Practical Considerations
When we review what is running on the virtualised infrastructure, we are always pragmatic, as some services are not suited to being virtualised due to the organisations operational requirements and general security best practice. Any advice given is always with your operational security in mind and we will discuss observations with you to obtain further background to ensure recommendations are suitable and commensurate with your requirements.
Simplifying Management
Like the rest of your organisation’s infrastructure, the virtualisation platform needs managing both from a configuration and patching point of view. We look at how the various platforms are being managed and, using our experience, make logical recommendations for how to simplify the process to ease the burden on the network and platform teams without compromising on security. This includes the other security relevant management considerations such as how these underlying platforms will be protectively monitored through logging for example.
Multi-Faceted Assessment
Whilst the configuration is paramount to the security of the virtualisation platform, it is important to practically look at the infrastructure in the environment too. We will ensure that the platform is reviewed from a network perspective to see what is exposed and how secure its services offered are as well as reviewing related infrastructure components if applicable in your environment, such as if you use a dedicated server to manage the virtualised infrastructure which would be subject to an assessment as well for full coverage.
Ancillary Observations
As we are inside the environment conducting the assessment, it is worth us keeping an eye out for anything else we can spot which may cause you a security challenge. An example of this is if we spot an outdated or unsupported version of operating system being hosted on the virtualised infrastructure.
Benefits of Partnering with Agility Cyber
Mutually Invested
Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.
Clarity and Simplicity
We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.
Full Consultancy
Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.
Impartiality
We are impartial, we do not sell you products or the latest buzzword laden trending solution.
Outstanding Service
We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.