A Guide to Virtualization Hardening Guides

by Dave Shackleford
Sept. 1, 2017 0 comments SANS Institute best practices cloud computing

As virtualization adoption grows, most security teams are already developing internal policies and processes that define how virtual infrastructure should be enabled and maintained.However, virtualization is a complex technology with many facets and numerous types of controls that can be implemented to secure virtual assets and their host machines. VMware has released several guides explaining how to securely configure VMware’s Virtual Infrastructure 3 and the newest version of VMware’s enterprise solution, vSphere.1 Several other well-known guides have been released from organizationssuch as the Defense Information Systems Agency (DISA)2 and Center for Internet Security (CIS).3 With so many guides to turn to, many security analysts are left wondering what guidelines to apply and how to apply them in accordance with particular organizational needs.