Virtualization security resources

VMWARE:


DISA guide: VMWare "ESX Server Security Technical
Implementation Guide"


http://iase.disa.mil/stigs/checklist/esx_server_checklist_v1r1_30_apr_2008.pdf


VMware Infrastructure 3 Security Hardening
guide


http://www.vmware.com/resources/techresources/726


Tripwire ConfigCheck (a free utility that assesses the
security of VMware ESX deployments)


http://www.tripwire.com/configcheck/



VMDetect
http://feedfury.com/content/1401602-vmdetect_by_danny_quist_source_exe.html


XEN: 'XEN architecture
overview'


http://wiki.xensource.com/xenwiki/XenArchitecture?action=AttachFile&do=get&target=Xen+Architecture_Q1+2008.pdf


"Owning Xen in Vegas!" (Blog entry from Joanna
Rutkowska)
:

http://theinvisiblethings.blogspot.com/2008/07/0wning-xen-in-vegas.html


XENON:


John McDermott presentation on Xenon at Xen Summit
2007
:

'http://www.xen.org/files/xensummit_4/XenSummitSpring07_McDermott.pdf'


Video and presentation slides of John McDermott's talk
on Xenon at Xen Summit
2008:
http://www.xen.org/xensummit/xensummit_summer_2008.html


'Re-engineering Xen internals for higher-assurance
security' (Paper on Xenon)
:

http://www.gcn.com/newspics/XenInternals.pdf


VIRTUALIZATION SECURITY RESEARCH:


"Bridging the Gap between Software and Hardware
Techniques for I/O Virtualization" (USENIX refereed
paper):
http://www.usenix.org/events/usenix08/tech/santos.html


"Protection Strategies for Direct Access to Virtualized
I/O Devices" (USENIX refereed
paper)
http://www.usenix.org/events/usenix08/tech/willmann.html


DMZ ISSUES


CIO magazine: "Virtual Servers in the DMZ Pose Security
Risks"
http://www.cio.com/article/382113/Virtual_Servers_in_the_DMZ_Pose_Security_Risks


'DMZ Virtualization with VMware
Infrastructure' (VMWare white paper)
http://www.vmware.com/resources/techresources/1052


'


'



About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.