Cloud Platform and Infrastructure

CCSP: Domain 3
CLOUD PLATFORM AND INFRASTRUCTURE SECURITY

DOMAIN 3 CLOUD PLATFORM AND INFRASTRUCTURE SECURITY DOMAIN

Hypervisor security
VM Concerns, vulnerabilities and weaknesses
Performance and operational complexity
Data Center Operations
Perimeter security
Physical Security

HYPERVISOR SECURITY

NIST SP 800-125 Guide to Security for Full Virtualization Technologies
Guest OS
Isolation
OS Monitoring
Image and Snapshot Monitoring

SECURING THE HYPERVISOR

Install all updates to the hypervisor as they are released by the vendor. Centralized patch management solutions can also be used to administer updates.
Restrict administrative access to the management interfaces of the hypervisor.
Protect all management communication channels using a dedicated management network.
Synchronize the virtualized infrastructure to a trusted authoritative time server.
Disconnect unused physical hardware from the host system (external drives, NICs).
Disable all hypervisor services such as clipboard- or file-sharing between the guest OS and the host OS unless they are needed.
Consider using introspection capabilities to monitor the security of each guest OS and the interactions between them.
Carefully monitor the hypervisor itself for signs of compromise. This includes using self-integrity monitoring capabilities that hypervisors may provide, as well as monitoring and analyzing hypervisor logs on an ongoing basis.

SECURING THE GUEST OS

Follow the recommended practices for managing the physical OS, e.g., time synchronization, log management, authentication, remote access, etc.
Install all updates to the guest OS promptly. All modern OSs have features that will automatically check for updates and install them.
Back up the virtual drives used by the guest OS on a regular basis, using the same policy for backups as is used for non-virtualized computers in the organization.
In each guest OS, disconnect unused virtual hardware. This is particularly important for virtual drives (usually virtual CDs and floppy drives), but is also important for virtual network adapters other than the primary network interface and serial and/or parallel ports.
Use separate authentication solutions for each guest OS unless there is a particular reason for two guest OSs to share credentials.
Ensure that virtual devices for the guest OS are associated only with the appropriate physical devices on the host system, such as the mappings between virtual and physical NICs.
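
The sharing and unused-hardware checks from the two lists above, as an added example that is not part of the original course notes. It audits one VM definition for removable virtual drives, extra network adapters, serial/parallel ports and guest/host clipboard or file sharing. The choice of libvirt/KVM domain XML is an assumption (the notes name no hypervisor), the sample definition is constructed, and audit_domain is a hypothetical helper.

```python
import xml.etree.ElementTree as ET

# Constructed sample in libvirt domain XML form (the format `virsh dumpxml` prints).
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>app01</name>
  <devices>
    <disk type='file' device='disk'><target dev='vda' bus='virtio'/></disk>
    <disk type='file' device='cdrom'><target dev='sda' bus='sata'/></disk>
    <disk type='file' device='floppy'><target dev='fda' bus='fdc'/></disk>
    <interface type='network'><source network='prod'/></interface>
    <interface type='network'><source network='legacy'/></interface>
    <serial type='pty'/>
    <graphics type='spice'><filetransfer enable='no'/></graphics>
  </devices>
</domain>
"""

def audit_domain(xml_text):
    """Return findings for one libvirt domain definition (empty list = clean)."""
    root = ET.fromstring(xml_text)
    findings = []
    # Removable virtual drives (virtual CD and floppy devices).
    for disk in root.findall("devices/disk"):
        kind = disk.get("device", "disk")
        if kind in ("cdrom", "floppy"):
            findings.append(f"removable drive attached: {kind}")
    # Network adapters beyond the first, which is assumed to be the primary one.
    for nic in root.findall("devices/interface")[1:]:
        src = nic.find("source")
        name = next(iter(src.attrib.values()), "?") if src is not None else "?"
        findings.append(f"extra network adapter: {name}")
    # Serial and parallel ports.
    for port in ("serial", "parallel"):
        count = len(root.findall(f"devices/{port}"))
        if count:
            findings.append(f"{port} port present: {count}")
    # SPICE guest/host sharing: libvirt leaves both on unless explicitly set to 'no'.
    for gfx in root.findall("devices/graphics[@type='spice']"):
        clip = gfx.find("clipboard")
        if clip is None or clip.get("copypaste") != "no":
            findings.append("SPICE clipboard copy/paste enabled")
        xfer = gfx.find("filetransfer")
        if xfer is None or xfer.get("enable") != "no":
            findings.append("SPICE file transfer enabled")
    return findings
```

The sample yields five findings; the file-transfer check passes because the definition sets it to 'no', while the missing clipboard element is reported because sharing is on by default.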

VIRTUALIZATION CONCERNS

Inter-VM attacks
Traffic between VMs traverses a virtual network and is invisible to the physical security elements; this is sometimes referred to as the “Blind Spot”.
Monitoring of the virtual network is as essential as monitoring of the physical network.
Performance:
Many security tools affect performance, perhaps more so on VMs
Mitigation requires understanding the virtual environment, proper sizing and planning, and balancing the needs of the environment.
VM Sprawl:
The increasing number of VMs in use leaves the potential for oversights and misconfigurations
Automation, proper governance and a long-term framework mitigate the risks associated with operational complexity.

VIRTUALIZATION CONCERNS CONTINUED

Instant-On Gaps
Vulnerabilities exist between the time a VM is powered on and the time its security rules can be updated
Best practices include network based security and “virtual patching” that inspects traffic for known attacks before it can get to a newly provisioned or newly started VM. It is also possible to enforce NAC (Network Access Control)-like capabilities to isolate stale VMs until their rules and pattern files are updated and a scan has been run.
VM Theft or Modification
VM Encryption is necessary as VMs are susceptible to modification or theft, but it can affect performance
Data Commingling:
Data of different classifications could potentially be stored on the same physical device
Use a combination of VLANs, firewalls, and IDS/IPS to ensure VM isolation as a mechanism for supporting mixed-mode deployments. We also recommend using data categorization and policy-based management to prevent this. In cloud computing environments, the lowest common denominator of security could potentially be shared by all tenants in the multi-tenant virtual environment.
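
The NAC-like isolation described under Instant-On Gaps, as an added example that is not part of the original course notes. A VM that has been dormant stays in a quarantine segment until its pattern files are current, its rules have been refreshed since power-on, and a scan has run after that refresh. The record fields, the version number, the 7-day threshold and the segment names are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

CURRENT_PATTERN_VERSION = 412      # constructed: newest pattern-file version
MAX_DORMANT = timedelta(days=7)    # assumed policy threshold for a "stale" VM

def admit(vm):
    """Return (segment, reasons) for a VM that has just been powered on."""
    reasons = []
    if vm["pattern_version"] < CURRENT_PATTERN_VERSION:
        reasons.append("pattern files out of date")
    if vm["powered_on"] - vm["powered_off"] > MAX_DORMANT:
        # State recorded before this power-on predates the gap and does not count.
        if vm["rules_synced"] < vm["powered_on"]:
            reasons.append("security rules not refreshed since power-on")
        if vm["last_scan"] < max(vm["powered_on"], vm["rules_synced"]):
            reasons.append("no scan since power-on and rule refresh")
    return ("quarantine" if reasons else "production"), reasons

# Constructed inventory records; field names are hypothetical.
ON = datetime(2024, 3, 1, 9, 0)

def vm(off_days, version, rules_min, scan_min):
    """Build a record; *_min are minutes relative to power-on (negative = before)."""
    return {"powered_off": ON - timedelta(days=off_days), "powered_on": ON,
            "pattern_version": version,
            "rules_synced": ON + timedelta(minutes=rules_min),
            "last_scan": ON + timedelta(minutes=scan_min)}

INVENTORY = {
    "web01":   vm(0, 412, -600, -300),        # quick reboot, already current
    "batch07": vm(40, 398, -60000, -60000),   # dormant 40 days, nothing refreshed
    "batch08": vm(40, 412, 5, 20),            # refreshed, then scanned
    "batch09": vm(40, 412, 5, -60000),        # refreshed, but only a pre-dormancy scan
}

def placements():
    """Map each VM name to the network segment it is admitted to."""
    return {name: admit(rec)[0] for name, rec in INVENTORY.items()}
```

batch09 shows the case that is easy to miss: its pattern files and rules are current, but the only scan on record predates the dormant period, so it stays isolated.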

RECOMMENDATIONS FOR THE CLOUD CUSTOMER
Identify which types of virtualization your cloud provider uses, if any.
Consider a zoned approach, with production separate from test/dev, and highly sensitive data/workloads in different environments than low-need content.
Consider performance when testing and installing virtual machine security tools, as performance varies widely. Virtualization-aware server security tools are important to consider.
Evaluate, negotiate and refine the licensing agreements with major vendors for virtualized environments.
Secure each virtualized OS by using software in each guest or using an inline virtual machine combined with hypervisor-based APIs such as VMware vShield.
Virtualized operating systems should be augmented by built-in security measures, leveraging third party security technology to provide layered security controls and reduce dependency on the platform provider alone.
Secure by default configuration must be assured by following or exceeding available industry baselines.
Encrypt virtual machine images when not in use.
Explore the efficacy and feasibility of segregating VMs and creating security zones by type of usage (e.g., desktop vs. server), production stage (e.g., development, production, and testing) and sensitivity of data on separate physical hardware components such as servers, storage, etc.
Make sure that the security vulnerability assessment tools or services cover the virtualization technologies used.

DATA CENTER OPERATIONS

Cloud providers running data center operations should demonstrate to customers their compliance with current regulations and standards.
CSPs can/should share the results of independent audits.
Cloud Trust Protocol is intended to establish digital trust between a cloud computing customer and provider and create transparency about the provider’s configurations, vulnerabilities, access, authorization, policy, accountability, anchoring and operating status conditions.
CloudAudit: Provides automated audit, assertion, assessment, and assurance

PERIMETER SECURITY

Should add distance, time and scale to the physical access of systems
Focuses on the 4 “Ds”
Deter
Detect
Delay
Deny

BACKUP AND RECOVERY CONSIDERATIONS

CSPs should provide assurance in securing customer data backed up to the cloud for the purpose of fault tolerance and disaster recovery.
Solutions might include
SSL/TLS secure transfers
Encrypted storage
Password protections
Geo-redundant storage
Continuous backup
Express restore
Deduplication (finding and removing duplication within data without compromising its fidelity or integrity allowing a more intelligent form of data compression)

PHYSICAL LOCATION OF CLOUD INFRASTRUCTURE

Physical location of CSP should be evaluated for location in relation to
Regions with a high rate of natural disasters (flood, landslides, seismic activity, etc.)
Regions of high crime, social/political unrest
Frequency of inaccessibility
