Virtualization security resources

VMWARE:


DISA guide: VMWare "ESX Server Security Technical
Implementation Guide"


http://iase.disa.mil/stigs/checklist/esx_server_checklist_v1r1_30_apr_2008.pdf


VMware Infrastructure 3 Security Hardening
guide


http://www.vmware.com/resources/techresources/726


Tripwire ConfigCheck (a free utility that assesses the
security of VMware ESX deployments)


http://www.tripwire.com/configcheck/



VMDetect
http://feedfury.com/content/1401602-vmdetect_by_danny_quist_source_exe.html


XEN: 'XEN architecture
overview'


http://wiki.xensource.com/xenwiki/XenArchitecture?action=AttachFile&do=get&target=Xen+Architecture_Q1+2008.pdf


"Owning Xen in Vegas!" (Blog entry from Joanna
Rutkowska)
:

http://theinvisiblethings.blogspot.com/2008/07/0wning-xen-in-vegas.html


XENON:


John McDermott presentation on Xenon at Xen Summit
2007
:

'http://www.xen.org/files/xensummit_4/XenSummitSpring07_McDermott.pdf'


Video and presentation slides of John McDermott's talk
on Xenon at Xen Summit
2008:
http://www.xen.org/xensummit/xensummit_summer_2008.html


'Re-engineering Xen internals for higher-assurance
security' (Paper on Xenon)
:

http://www.gcn.com/newspics/XenInternals.pdf


VIRTUALIZATION SECURITY RESEARCH:


"Bridging the Gap between Software and Hardware
Techniques for I/O Virtualization" (USENIX refereed
paper):
http://www.usenix.org/events/usenix08/tech/santos.html


"Protection Strategies for Direct Access to Virtualized
I/O Devices" (USENIX refereed
paper)
http://www.usenix.org/events/usenix08/tech/willmann.html


DMZ ISSUES


CIO magazine: "Virtual Servers in the DMZ Pose Security
Risks"
http://www.cio.com/article/382113/Virtual_Servers_in_the_DMZ_Pose_Security_Risks


'DMZ Virtualization with VMware
Infrastructure' (VMWare white paper)
http://www.vmware.com/resources/techresources/1052


'


'



About the Author

Joab Jackson is the senior technology editor for Government Computer News.

inside gcn

  • cell towers (Thatsaphons/Shutterstock.com)

    FirstNet awarded to AT&T

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group