Securing Virtual Servers in the
Dynamic Data Center
Virtualization technologies introduce management challenges to ensure data center security and compliance. Likewise integrates the industry-leading data center virtualization platforms from VMware and Citrix with Microsoft Active Directory to respond to these challenges with compliant, automated and secure management solutions.
Benefits of Virtualization
In a recent survey by Forrester*, a majority of companies have already implemented some form of server virtualization and for good reason. Virtualization has transformed the data center by removing the direct dependency of application servers from physical hardware. When properly deployed, virtualization platforms are being used to meet high-priority IT objectives, including server consolidation, self-service server provisioning, disaster recovery, capacity management, and green IT initiatives. The disruption to business is low and the returns on investment are measurable.
Many of the benefits of virtualization stem from efficient, manageable software layers that isolate a running guest operating system and its applications in a virtual machine (VM) while coordinating access to real CPU, memory, network and storage. In the case of VMware ESX, ESXi and Citrix XenServer, this is accomplished with a special mission-critical operating system - the hypervisor. Since the hypervisor has direct access to hardware resources, it functions at a higher privilege level than the virtual machines it supports.
Active Ingredient - The Hypervisor Operating System
Challenges of Virtualization Security
Managing a virtualized environment brings challenges that grow beyond basic server administration. As virtualized server workloads are consolidated onto fewer physical machines, security becomes a greater concern. The hypervisor operating system is an additional security boundary that, if compromised, no longer represents just one isolated server, but rather all the consolidated workloads.
While virtualization introduces great flexibility, blurring the line between infrastructure and server management opens the potential for human mistakes and can lead to inadvertent abuse of privileged or root accounts that are typically the most direct methods of access.
Meeting the Requirements of Virtualization Oriented IT with Likewise
Likewise -- a De Facto Standard in Hypervisor Interoperability Adopted by VMware and Citrix XenServer
Likewise addresses the management challenges of virtualization security at a profoundly fundamental level, by using the Likewise Identity Service to integrate the hypervisor operating system with Active Directory. Active Directory provides a secure, enterprise-ready solution for centralized identity management, authentication and access control. IT administrators of VMware ESX, ESXi and Citrix XenServer can join their hypervisors to Active Directory with Likewise to ensure that the hypervisors can authenticate users securely and delegate management tasks to specific users.
VMware and Citrix have both chosen Likewise above all others to provide the Active Directory integration components in the box for their current generation of hypervisor operating systems.
Holistic Data Center Security Solution - from Application to Virtual to Physical - with Likewise
IT environments that incorporate Active Directory-integrated hypervisors also benefit from Likewise software in creating comprehensive security solutions.
Likewise Enterprise can consolidate authentication and access control across an extensive range of guest and desktop operating systems. Other security features that Likewise Enterprise provides include the following:
- Application single sign-on for SAP, Apache, JBoss, Tomcat and WebSphere
- Group policy, including security policies, to perform automated lockdown and configuration
- Auditing to monitor configuration drift
- Reporting to support the security compliance requirements of PCI and SOX
- Likewise works with a growing number of OEM partners to further extend its Active Directory security and Windows interoperability benefits to storage and network devices.
Virtualization Platform Support
Platform |
Version |
Supported |
Integrated |
Description |
Xen |
Citrix XenServer 5.5+ |
Yes |
Yes |
Likewise security and authentication components are included in XenServer. |
VMware |
VMware ESX 4.1+ |
Yes |
Yes |
Likewise security and authentication components are included in the VMWare ESX hypervisor. Likewise-Enterprise features can be installed separately. |
VMware ESXi 4.1+ |
Yes |
Yes |
Likewise security and authentication components are included in the VMware ESXi bare-metal hypervisor. |
|
VMware ESX 2.x, 3.x, 4.0 |
Yes |
No |
Likewise-Enterprise can be installed on ESX hosts. |
|
Solaris Containers |
Solaris 10 |
Yes |
No |
Follow instructions on Working with Solaris Containers |
More Information
*http://www.forrester.com/ER/Press/Release/0,1769,1254,00.html
Related Resources
Boardcast: Complex AD Integration
Learn how Likewise Enterprise is the best solution for large complex Active Directory deployments and how organizations are using it in one-way and two-way cross forest trust scenarios.
