Search Results for: virtualization security

0wning Xen … In More Detail

August 25, 2008 by Kris Buytaert Leave a Comment

Over at her own blog, Joanna Rutkowska from Invisible Things has some updates on their findings about Xen security as we earlier reported.

Joanna argues that most of the attacks presented indeed require that the attacker first gains access to the Dom0 before he can launch the attacks but that doesn’t take away the severeness of the issues.

Other rootkits also require for the attacker to first gain root access before he can hide his toolset from the eyes of the administrator.

She continues to argue that other attacks already provide people with potential access from DomU to Dom0 via a virtual machine escape bug

But even there the attacker first has to gain root in the DomU before he can potentially climb up to Dom0

Still there’s a significant difference in gaining (root) access, and hiding the fact that you got it. But indeed neither of both should be possible

vmSight Includes VDI User Activity Control In vmSight 3.5

August 21, 2008 by Robin Wauters Leave a Comment

vmSight today announced that its recently released vmSight 3.5 product suite now includes a user activity control feature for virtual desktops, in addition to its existing monitoring capabilities. This newly added capability allows virtual desktop administrators to block unauthorized user and application activity on virtual desktops for improved performance or security. The feature is available immediately in the vmSight virtual appliance that directly integrates into an organization’s virtual desktop infrastructure (VDI) platform.

vmSight’s patented Connector ID technology facilitates the new activity control functionality in release 3.5. Similar to the caller ID capability prevalent in today’s phone networks, vmSight’s Connector ID enables virtual desktops and thin clients with a user identification and tracking capability. Using this technology, vmSight is the only solution of its kind with the ability to monitor users and prevent unauthorized application activity for performance or security purposes. Administrators can identify the specific virtual desktop and applications accessed by a user at any given time, and can track, control and optimize user activity and performance end-to-end.

As part of the company’s vmSight 3.5 product suite for virtual desktop deployments, user activity control integrates completely with the vmSight Center and Monitoring Stations. User activity is monitored in real-time, and unauthorized user or application activity can be blocked for improved performance or security. Integration with Active Directory and LDAP allows policy definition based on existing user groups. Combined with its other features, such as performance monitoring and service level management, vmSight 3.5 provides a complete virtual desktop management solution to help reduce problems and support costs.

Phoenix Technologies Talks Up HyperSpace Hypervisor at IDF

August 20, 2008 by Robin Wauters Leave a Comment

Phoenix Technologies today announced that the first open demonstrations of Phoenix FailSafe, its anti-theft and data protection firmware-based product, and its embedded virtualization platform, Phoenix HyperSpace, are being held at the Intel Developer Forum (IDF) August 19-21, 2008 in San Francisco.

At IDF, Phoenix also unveiled Phoenix MicroCore, Phoenix’s newest BIOS designed for the new Intel Atom processor for netbooks and nettops.

Update: a LinuxWorld keynote given by Simon Crosby unveils that the engine behind HyperCore is actually Xen. The presentation also revealed that other major vendors are using Xen for their upcoming desktop hypervisors.

Phoenix HyperCore is an embedded hypervisor which allows an independent Linux-based operating system called HyperSpace to run specialized core services side-by-side with Windows Vista. The HyperSpace platform provides a unique computing environment called ManageSpace that PC designers and security innovators can use to host remote management and security applications that are available before, during and after Windows boot up and shut down. Operating like self-contained appliances, these embedded applications such as anti-virus and secure browsing provide stronger protection than is currently available on PCs.

We recently wrote that Phoenix is integrating HyperSpace into NEC notebooks as one of the first manufacterers.

Enhanced by Intel based-processors enabling virtualization technologies, Phoenix HyperSpace provides a secure foundation of ’embedded simplicity.’ PC OEMs can now offer highly-efficient, instantly available applications that promise to deliver new levels of security, up-time, system reliability, remote management, and ease-of-use to PC users.

Phoenix Technologies

VirtualLogix VLX Adds Support for Intel-Based Mobile Internet Devices

August 20, 2008 by Robin Wauters Leave a Comment

VirtualLogix (previous coverage) today announced that its VLX virtualization solution will be supporting the latest Intel Atom processor Z5XX series-based Mobile Internet Devices (MIDs).

Device makers using VLX on these MIDs can simplify hardware designs, reduce costs and enhance the end-user experience through improved quality of voice, multimedia services and stronger security capabilities. VirtualLogix VLX also offers complete power management support for virtualized environments, which reduces MIDs’ overall energy consumption.

The VLX hypervisor integrates transparently into a Windows or a Linux-based MID with no re-installation of the native operating system (OS) and no intrusion into the existing user environment. As a result, customers can use VLX’s flexible software architecture to securely separate critical applications while boosting the quality of service offerings. Additionally, by servicing the virtual appliances while the main application OS and associated hardware resources are not in use, VLX improves power consumption management.

The demand for next-generation devices is expanding. In a recent report, “Mobile Internet Device (MID) & Chip Market Opportunities,” Forward Concepts forecasted MID shipment growth from 305,000 units in 2008 to 39.6 million units in 2012.

Check Point Ships VPN-1 Virtual Edition

August 19, 2008 by Robin Wauters Leave a Comment

Check Point Software Technologies today announced VPN-1 Virtual Edition (VE) and claims it is the first company to provide unified security management for both physical networks and virtual applications.

Virtualization of multiple servers into a single appliance creates an entirely new type of environment that requires new ways to protect segregated applications and information from one another without the use of physical security appliances. Check Point’s VPN-1 VE restores the separation and security of applications as if they were still located on separate servers. VPN-1 VE also integrates completely into a customer’s overall Check Point security infrastructure, making it possible to manage Check Point appliances and software for open servers, “Secured by Check Point” appliances and VPN-1 VE from a single interface — reducing the cost and strain of management.

Check Point lists the following benefits for VPN-1 VE:

Secures virtual environments with a preconfigured solution that is tailored for VMware ESX or ESXi environments to help ensure an easy, optimal deployment
Eliminates the need for additional security appliances to protect virtual applications, thereby lowering costs
Integrates with the same unified interface as other Check Point security gateways
Strengthens auditing, compliance and risk management with unified logging for the entire security infrastructure, including virtual environments
Enables quick deployment for provisioning or disaster recovery

Check Point VPN-1 VE is available immediately and can be purchased through the Check Point worldwide network of VARs as well as from VMware directly. Pricing can be consulted here.

Check Point Software Technologies

DataSheet Proposal for Xen 3.3 Hypervisor Published

August 19, 2008 by Robin Wauters 1 Comment

Stephen Spector published a post yesterday on the Xen blog featuring a proposed data sheet (PDF) for the upcoming Xen 3.3 release, which we said was in final testing stage in the beginning of this month.

Update 26 August: Xen 3.3.0 is available for download.

The complete list of new features in Xen 3.3 includes:

Performance and Scalability

CPUID Levelling
Shadow 3 Page Table Optimizations
EPT/NPT 2MB Page Support
Virtual Framebuffer Support for HVM Guests
PVSCSI — SCSI Support for PV Guests
Full 16-bit Emulation on Intel VT
Support for memory overcommit allowing more VMs per physical machine for some workloads

Security

PVGRUB Secure Replacement for PYGRUB
IO Emulation “stub domains” for HVM IO
Green Computing
Enhanced C & P State Power Management
Graphics Support
VT-d Device Pass-Through Support

Miscellaneous

Upgrade QEMU Version
Multi-Queue Support for Modern NICs
Removal of Domain Lock for PV Guests
Message Signalled Interrupts
Greatly improved precision for time-sensitive SMP VMs

XenSource