How to Secure VMware Workstations
As the VMware workstations are becoming a significant element of the IT world today, the security threats against VMware environments are also increasing day-by-day. For example, while in the web, the VMware Client Integration Plugin is reported to allow an attacker to launch man-in-the-middle (MitM) or session hijacking attacks by getting the vSphere Web Client user to visit a specially crafted website.
As part of the company’s initiative to prove efficient security, during the recent Pwn2Own contest, VMware Inc. challenged hackers to compromise the application for price money of $75,000. Seeing that organizational security is an important aspect while adopting VMware, they have also released several guidelines in securing and configuring VMware in organizational infrastructures. Implementing some of the finest security policies are the best remedies to tackle attacks against VMware. As VMware is a unique and sophisticated system, the security risks are also high which reflects the need of additional levels of protection over typical physical IT infrastructures.
VMware Security Best Practices
Even though VMware is constantly striving to offer the finest security to its clients, organizations too have to contribute their part to reduce the security flaws. When organizations fail to follow the security best practices, their VM’s will be vulnerable to cyber attacks, since traditional IT security measures aren’t enough today. Some of the following techniques can be adopted in order to maintain a secure organizational network with VMware.
1. Isolating Host Network
Isolating the host network to a dedicated management network can prevent the unauthorized user access, which is one of the important aspects of VMware security.
The public network access of the management devices should be avoided to the maximum for better safety, and protection of other VM’s on the same host are also important. The adapters that are accessible to the public network should be configured with an IP that is blocked at the management network firewall to enhance the security.
2. Enabling Secure Shell
The Secure Shell specially crafted to support VMware can improve the security by securing the communications between the systems. Enabling Secure Shell is an effortless process and has remarkable security safety features.
3. Resource pool access control and delegation
The resource pool access control is also another important aspect in VMware security, as the resources are allocated at various levels in an organization. The resources made available to any local user can become vulnerable, increasing the threat level. The department administrator of the resource pool also can perform all the virtual machine creation and management.
4. Encrypt Virtual Drives
As the users with access to physical host have the admission to mount any virtual drives to bypass guest security policies, the possible remedy is to encrypt all of the virtual drives. The Microsoft Encryption File System and VeraCrypt are some of the full disk File Encryption tools that are capable to protect data from unauthorized access. This can further lead to better security to the Virtual Drive and overall VMware security.
5. Secure Remote Access Consoles
Even though the VMware is predefined to use SSL encryption for the remote console connections, there are self-signed certificates that these systems cannot protect from attacks. To tackle this issue, the certificates that are assigned should be signed from a Certification Authority or create a secure certificate for the remote console and install it manually.
6. Log Off VM Sessions
Logging of sessions after use is one of the traditionally followed security best practices, and this has to be the same with VMware also for better security. While focusing security, the VM should be considered equivalent to a physical machine and that makes it important to follow all the security practices of the physical machines.
7. Startup Passwords
Passwords are always necessary and are the basic elements of a security policy. All the VMs should be password protected to prevent any unauthorized user access. The Boot time passwords that VM allows to configure can limit users from accessing the VM boot files, which further enhances the security.
8. Implementing Secure Networking
As networking is the soul of virtual machines, implementing secure networking is a highly recommended best practice. VLAN tagging can be implemented to enhance the security of network by filtering the data traffic. The Ethernet Layer network security policies further enforces security for VM that is not available with physical servers. VMware is found to be in a constant quest in achieving the finest security. According to the securityweek.com, VMware released four rounds of security updates this year. The company recently patched privilege escalation vulnerability in VMware Tools, a remote code execution flaw in the glibc library, and a cross-site scripting (XSS) bug in vRealize products.
Even though nothing can be made completely secure in this digital world; implementing some of the best security practices can save organizations from cyber attacks to a great extend.