Posted by: Greg Ness | November 15, 2007

Three Recent Data Center Security Developments

The trade press picked up two of the three with extensive coverage of Litchfield’s announcement estimating 500k vulnerable databases exposed to the internet without protection.  Talk about a hacker or bot paradise; you get a massive available server network and access to a wealth of privileged data.  

The second item was Oracle’s announcement that they were throwing their hat in the virtualization ring.  Vulnerable databases are now designing in a virtualization layer: talk about a one-two punch that should grab security pros’ attention.  And what has Xen contributed to the virtsec discussion or roadmap?

The icing came via a recent ten-minute podcast featuring EMC VP Chuck Hollis about the need for security to be part of the virtualization discussion.  While I featured this earlier at Archimedius, I thought the timing of these three developments makes for an ominous potential trend in data center security, where a rush to virtualize magnifies the population of existing remote vulnerabilities (OS, database, etc.) facing the internet.

I blogged about the existing virtsec challenges earlier as well, without introducing the specter of “percolating” databases moving around on a blade backplane, interacting with other software.  For those of you who think creating partitions based on policies is a good idea, read “Virtsec in the Trenches”.

Now the virtsec notice has been served to the database security appliance vendors.  Database security will now inevitably join the virtsec discussion.

