How to Keep Your VMotion Traffic Secure
VMotion is a software suite focused around creating and managing virtual machines. These virtual machines allow a single computer to operate as though it were actually a cluster of computers. VMotion is mainly used to help set up servers for hosting multifaceted websites that require a large number of server operations. In 2008, a series of malicious exploits were published that could take advantage of vulnerabilities within VMotion traffic. These exploits, released under the name "Xensploit" have continued to evolve and proliferate since that time. With proper precautions, you can completely secure all traffic moving through your VMotion servers.
Other People Are Reading
Instructions
-
-
1
Isolate your VMotion activity from from any and all "production network" traffic. This means separating your company's "Intranet" from the "Internet." While making important changes to server and database settings, be sure to keep integral portions of the server off any publicly accessible network. This will ensure that your traffic cannot be covertly read or modified while you are in the critical stages of changing or updating important areas of the network.
-
2
Restrict administrative access to the VI account associated with your VMotion server setup. Administrative control will allow a user nearly limitless access to your data and the freedom to make permanent changes wherever they see fit. VMotion allows any number of users to be promoted to administrative status, but it is highly recommended that you have only a single admin account to ensure the privacy and security of your inbound and outbound traffic.
-
-
3
Turn off the "Promiscuous Mode" option for all "Vswitches." Vswitches constitute vital entry nodes into your network. Promiscuous mode is an administrative option that loosens security surrounding access to the virtual environments within your network. Manipulating weaknesses within promiscuous mode is an integral part of the original Xensploit attack plan.
-
1
