Virtual Security Issues
Many of the challenges in managing a virtualization security upgrade project revolves around the communication between members of an organization. The means or tools that communication efforts are based upon make no difference as long as there is a shared and accepted policy that is agreed upon between those who need to communicate. During times of transition, communication must remain in extra clear terms as the stress associated with transformation can lead to distortion and unwanted and unneeded stress.
Don't use plagiarized sources. Get Your Custom Essay on
Challenges in managing a virtualization security
Just from $13/Page
The case study suggests that guests will simply lose control during the transformation and implies that a strict or more controlling measure is needed during this time. The dependence on digital communication does not restrict other means of communication. Verbal contracts and hand written or typed notes can serve as ample, legal and practical means to communicate during any digital down time. The need to communicate can always be made through word of mouth.
The idea of control sometimes means letting go. Much like a sports fisherman, the art of becoming successful in management requires the need to give and take slack. In this case, letting go of the need to control this situation seems appropriate considering the simplicity of the situations. The actual virtualization process should not last that long, and backup communication systems are surely in place such as phone numbers and contact numbers.
The nature of this upgrade suggest that simple procedures such as third party virtualization management tools and software systems are ample means of helping with the transition. Configuring virtual hosting platforms guests and networks to one another is a crticial task to help in this effort. Separating duties and assigning least privilege controls also help in this manner as well. Most importantly integration must be performed on a level aligned with both strategic and tactical employment of all resources related to the project.
Question 2
Organization is a key component of high quality managers within an IT security environment. Virtualization security requires keen skills and a clear mind that produces a well balanced attitude towards the problems at hand. The increase of workload being accomplished by this upgrade suggests that the management has addressed many of the major concerns related to classification and order. This however may have been ignored, or insufficiently delegated to an unacceptable standard and a useable approach may need to be created from scratch to allow the system to remain functional and eventually thrive in the long run.
One concern regarding classification deals with a term called bootstrapping. Sarkar (2003) wrote about this process in his research article. He suggested that “The Small Computer Systems Interface (SCSI) is a popular family of protocols for communicating with I/O devices, especially storage devices. iSCSI is a proposed transport protocol for SCSI that operates on top of TCP. There must be no restriction of network topology between the iSCSI boot client and the boot server other than those in effect for establishing the iSCSI session. Consequently, it is possible for an iSCSI boot client to boot from an iSCSI boot server behind gateways or firewalls as long as it is possible to establish an iSCSI session between the client and the server.”
This is a concern if the proper security measures are not taken in earnest. The ability for others to sneak into backdoors or dismantle firewalls is always there, so essential information that does not need to be placed in such virtual worlds are best left behind in the real world. This practice should be enforced as a contingency for the problems that may arise during this transition. Regardless a reasonable plan should be listed as a primary concern for managers undertaking this project.
Question 3
The world of sewing produced the simple technology of patches to fix and repair torn or ripped clothing. Many times a patch works well in fixing rubber items such as inner tubes for tires. Patch management within the world of information technology suggests a similar reparative meaning that aims to add on or create new pathways to existing codes. Patch managers who are successful, will be able to locate the correct patches, determine if they work or not through rigid and sound testing, and successfully finding methods and techniques to eventually install these codes into the original program.
Patch management is a sub-practice within the art and science of information technology and systems management. The size and scope of the system itself determines the size and scope of the management team as well. The modifications that this company is experiencing is creating new and heavier demands on the management team in general and having a patch manager may be a well advised maneuver in the long run.
In determining the risk involved in not having such a manager on the management team requires accessing the talents and skills of other working within the project. Just because a new term has been created does not necessitate its usage. For some a patch manager is excessive and would likely sap resources instead of contribute to profits, for others a patch manager is absolutely necessary due to the size and scope of the mission at hand. Finding this balance is the burden of this problems and by conducting the proper risk assessment a reasonable answer maybe discovered and implemented within the confines of the systems itself and begin contributing to the overall success of the endeavor. When finding errors within code becomes a reoccurring problem, it may be the right time to insert a more rigid patch management schedule within the system. This concerns may or may not affect the overall performance of the overall virtualization security effort.
Question 4
I believe largely that direct control of storage is preferable for my personal management style. Having direct control over important resources is important despite the costs. Virtualization can be more cost effective in the long run and certainly can minimize the physical requirements of any large scale business that requires such storage needs. The need for my personal use would most likely include a proclivity towards physical storage.
In terms of system availability, this largely depends on the talent that is actually managing the actual storage of data. In the virtual world the act of storage is just as important as in the physical world, and choosing the right person or group of people to conduct this operation is quite important in determining if this switch was best for this company. In the long run, a tradeoff between quality and quantity must be tempered for the best results. Many times the quick fix becomes more burdensome in the long run. Physical security of important data should never be compromised. “We expect end-to-end virtualization to become a normal part of future computing environments. Unfortunately, simply providing a virtualization layer is not enough. The flexibility that makes virtual machines such a useful technology can also undermine security within organizations and individual hosts. Current research on virtual machines has focused largely on the implementation of virtualization and its applications. We believe that further attention is due to the security risks that accompany this technology and the development of infrastructure to meet these challenges,” (Garfinkel & Rosenblum, 2005).
Assigning risk levels to different types of data seems the most tempered and reasoned approach to this problems. Like most information some is more sacred than others and some needs more protection than others. When organizations find the correct balance their systems will work in harmony and with precision. Until this balance is achieved there will be a push and pull between resources that reflects the need to address security, virtual and otherwise, in a more harmonious nature. ”
References
Garfinkel, T., & Rosenblum, M. (2005, May). When Virtual Is Harder than Real: Security Challenges in Virtual Machine-Based Computing Environments. InHotOS.
Owens, K. (2009). Securing virtual compute infrastructure in the cloud. Whitepaper. SavvisCorp.[Online]. Available: http://www. savvis. com/en-us/info% 5 Fcenter/documents/hos-whitepaper-securingvirutalcomputeinfrastructureinthecloud. pdf.
Richmond, M. (2005). ViSe: A virtual security testbed. Master’s thesis, University of California, Santa Barbara.
Sarkar, P., & Sapuntzakis, C. (2003). Bootstrapping Clients using the iSCSI Protocol. Work in Progress.
Wei, J., Zhang, X., Ammons, G., Bala, V., & Ning, P. (2009, November). Managing security of virtual machine images in a cloud environment. InProceedings of the 2009 ACM workshop on Cloud computing security (pp. 91-96). ACM.
