COMPUTER SECURITY

  • Category:
    Logic & Programming
  • Document type:
    Assignment
  • Level:
    Undergraduate
  • Page:
    2
  • Words:
    1232

Unit code and title

Assignment title

Introduction

Virtualization involves the installation of virtual machines in two ways; Type I where the VM can be installed on a guest operating system where the VM acts as the server software that is controlled by a guest OS and Type II where the VM is installed on a host operating system. In this case, we will be dealing with a Type II implementation of the Virtual machine where the VMware is installed on a Windows XP operating system.

The paper will further discuss the various security issues that are associated with the installation of a VMware in the Windows XP environment. The issues are further classified as operating system issues, software issues that include both system and application issues and configuration issues.

Operating System Issues

Virtual machines run on host operating systems installed in machines. Consequently, issues relating to operating systems could also affect the functioning and operation of the VMWare virtual machine. VMware may require full control of resources to function which range from the minimum requirements of protecting the VMM’s own system resources, to complete control. This allows it to observe and manipulate VM data and operation. The minimal case presents few security issues, but the steps taken to enable this can easily result in more control than is strictly necessary, which can enhance or weaken security as concerns various parties (Pearce, Zeadally & Hunt, 2013). The host operating system may have various issues that are common to all operating systems but which can significantly affect the VMWare virtual machine. Some of these issues are discussed in the sections below.

Explanation

Supporting References

Resource Starvation and System Bugs

Resource starvation and bugs are threats that originate from both the VMware virtual machine and the host operating system. Essentially, the Virtual machine bugs or errors can be used to crash the emulator and even prevent access to the administrative channels in the VMware.

On the other hand, resource starvation refers to starvation of resources including the RAM, CPU among others from other parts or other resource users in the system.

Bugs in the VMware and in the host Operating System will cause the administrative interface to stop functioning.

On the hand, resource starvation causes potential failures and performance problems in both hardware and software.

(Pearce, Zeadally & Hunt, 2013)

System Overprovisioning

Overprovisioning is also an operating system security risk which is quite complex particularly in virtualized environments. This threat is amplified in situations that need page sharing. In these cases, the VMware have identical memory contents that are mapped to shared memory locations. This is important for the operating systems but they must be taken into account to avoid overprovisioning of memory.

(Pearce, Zeadally & Hunt, 2013)

Operating System Network threats

Network threats from operating systems can negatively impact on the VMware by degrading the performance and to some extent make the VMware dysfunctional. This threats mainly result in network flooding attacks that can be mitigated through proper firewalling and use of network routes designed to handle dangerous network traffic.

(Pearce, Zeadally & Hunt, 2013)

Software Issues

Majority of the security threats in VMware do not come directly from the inherent properties of virtualization but from the manner in which it is used and implemented. These issues are mainly associated with decoupling of software from the physical environment and the expansive software and hardware attack surface (Fogarty, 2009). The leading threats are software issues because of the fact that a virtualized environment has more total software than a non-virtualized environment. Some of the software issues and threats are discussed below.

Explanation

Supporting References

Virus and malware

Viruses and malware are a common software threat in most systems. This threat occurs when malicious code is executed and can result in unprecedented behaviour of the overall system. Viruses attack software that are installed in the VMware and in the host Operating Systems.

In most cases this threat results from poor security measures used to secure the system and the inherent software.

A perfect example of this threat is when one realizes that there are missing files, or corrupt files in the system after installation of a software.

(Pearce, Zeadally & Hunt, 2013)

Resource Starvation

Resource starvation is also a software issue with regard to VMware security. Some software may take up all the system resources during execution to the extent that the VMware lacks sufficient resources to complete its processes.

Consequently, the system may experience prolonged down time or network interruptions.

(Pearce, Zeadally & Hunt, 2013)

Denial of service attacks

This threat is related to resource starvation in many aspects. When a software execution monopolizes the resources needed by the VMware and other processes, it results in denial of service.

The VMWare processes are denied services and resources include access to CPU, RAM among others.

(Fogarty, 2009)

Configuration Issues

Proper configuration of the VMware is essential to ensure optimum functionality and to eliminate issues that could pose security threats. Configuring a VMware is a stepwise and systematic process that must be keenly followed. Configuration range from installation of VMware tools, regular update of these tools, installation and upgrading of VMware network devices, setting memory limits, maintaining VMware snapshot age and size and configuring the Virtual machine logging (Fogarty, 2009). Some of the configuration issues are discussed below.

Explanation

Supporting References

Missing or Outdated VMware tools

VMware tools are a suite of utilities that are used to enhance the performance of the VM. These improves the ability of the host Operating System to manage the virtual machine.

In their absence or if they are not updated regularly, the functioning of the system is significantly affected.

It will also affect the performance of the host operating system by reducing their resource utilization and reducing the efficiently of VM to host consolidation that negatively affects the returns on investment for the virtual infrastructure environment.

(Fogarty, 2009)

Patching and maintenance issues

Patching and maintenance is required on a regular basis to keep up with the ever changing VM environment. The process is always constant and labour intensive and ensures that each VM is secured.

Lack of the continuous process result in vulnerabilities that could affect the security and functionality of the system.

(David, 2015)

Old Virtual Machine Network Devices

When the VMware is not kept up to date, the network performance is reduced and cannot perform as it should. The network components must always be updated to ensure optimum functionality of the VMware.

Unknowingly using the outdated Network devices could result I poor performance that also impact on other system security efforts such as installation of firewalls and intrusion detection.

(David, 2015)

VMware logging limitations

VMware logging in files are rotated whenever the VMware is restarted. Therefore, it is important to have VMware log files that can be useful for solving problems.

Additionally, it has been reported that some of the VMware log files have been used to create denial of service attacks.

When the Log files are misconfigured, the system may be vulnerable to denial of service attacks that may bring down the entire virtual machine environment and infrastructure.

(David, 2015)

References

David, D. (2015, January). Solving the Five Most Common VMware Virtual Machine Issues. Opvisor. Retrieved from http://opvizor.com/wp-content/uploads/2015/01/Solving-the-Five-Most-Common-VMware-Virtual-Machine-Issues-FINAL.pdf

Fogarty, K. (2009). Server Virtualization: Top Five Security Concerns. CIO. Retrieved from http://www.cio.com/article/2428191/virtualization/server-virtualization—top-five-security-concerns.html

Pearce, M., Zeadally, S., & Hunt, R. (2013). Virtualization: Issues, security threats, and solutions. ACM Computing Surveys (CSUR)45(2), 17.