Virtualization security resources

VMWARE:


DISA guide: VMWare "ESX Server Security Technical
Implementation Guide"


http://iase.disa.mil/stigs/checklist/esx_server_checklist_v1r1_30_apr_2008.pdf


VMware Infrastructure 3 Security Hardening
guide


http://www.vmware.com/resources/techresources/726


Tripwire ConfigCheck (a free utility that assesses the
security of VMware ESX deployments)


http://www.tripwire.com/configcheck/



VMDetect
http://feedfury.com/content/1401602-vmdetect_by_danny_quist_source_exe.html


XEN: 'XEN architecture
overview'


http://wiki.xensource.com/xenwiki/XenArchitecture?action=AttachFile&do=get&target=Xen+Architecture_Q1+2008.pdf


"Owning Xen in Vegas!" (Blog entry from Joanna
Rutkowska)
:

http://theinvisiblethings.blogspot.com/2008/07/0wning-xen-in-vegas.html


XENON:


John McDermott presentation on Xenon at Xen Summit
2007
:

'http://www.xen.org/files/xensummit_4/XenSummitSpring07_McDermott.pdf'


Video and presentation slides of John McDermott's talk
on Xenon at Xen Summit
2008:
http://www.xen.org/xensummit/xensummit_summer_2008.html


'Re-engineering Xen internals for higher-assurance
security' (Paper on Xenon)
:

http://www.gcn.com/newspics/XenInternals.pdf


VIRTUALIZATION SECURITY RESEARCH:


"Bridging the Gap between Software and Hardware
Techniques for I/O Virtualization" (USENIX refereed
paper):
http://www.usenix.org/events/usenix08/tech/santos.html


"Protection Strategies for Direct Access to Virtualized
I/O Devices" (USENIX refereed
paper)
http://www.usenix.org/events/usenix08/tech/willmann.html


DMZ ISSUES


CIO magazine: "Virtual Servers in the DMZ Pose Security
Risks"
http://www.cio.com/article/382113/Virtual_Servers_in_the_DMZ_Pose_Security_Risks


'DMZ Virtualization with VMware
Infrastructure' (VMWare white paper)
http://www.vmware.com/resources/techresources/1052


'


'



About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected