1.2. Why Virtualization Security Matters
Deploying virtualization in your infrastructure provides many benefits but can also introduce new risks. Virtualized resources and services should be deployed with the following security considerations:
The host/hypervisor become prime targets; in effect, they are often a single point of failure for guests and data.
Virtual machines can interfere with each other in undesirable ways.
Resources and services can become difficult to track and maintain; with rapid deployment of virtualized systems comes an increased need for management of resources, including sufficient patching, monitoring and maintenance.
There may be a lack of knowledge, gaps in skill sets, and minimal experience among technical staff. This is often a gateway to vulnerabilities.
Resources such as storage can be spread across, and dependent upon, several machines. This can lead to overly complex environments, and poorly-managed and maintained systems.
Virtualization does not remove any of the traditional security risks present in your environment; the entire solution stack, not just the virtualization layer, must be secured.
This guide aims to assist you in mitigating your security risks by offering a number of virtualization best practices for Fedora that will help you secure your virtualized infrastructure.