With host security being such a critical part of a secure virtualization infrastructure, the following best practices should serve as a starting point for securing a Fedora host system:
2.2.1. Special Considerations for Public Cloud Operators
Public cloud service providers are exposed to a number of security risks beyond that of the traditional virtualization user. Virtual guest isolation, both between the host and guest as well as between guests, is critical due to the threat of malicious guests, as well as the requirements on customer data confidentiality and integrity across the virtualization infrastructure.
In addition to the Fedora virtualization best practices previously listed, public cloud operators should also consider the following items:
Disallow any direct hardware access from the guest. PCI, USB, FireWire, Thunderbolt, eSATA and other device passthrough mechanisms not only make management difficult, but often rely on the underlying hardware to enforce separation between the guests.
Network traffic should be separated such that the cloud operator's private management network is isolated from the customer guest network, helping to ensure that the guests can not access the host systems over the network. The network should be further isolated such that customer guest systems run in a private, virtualized network so that one customer can not access another customer's guest systems directly via the cloud provider's internal network.