25 Points Virtualization Security Checklist
Virtualization is the process of running multiple operating systems on the same hardware or cloud platform. It is the most widely used method for reducing cost and making effective use of resources. Below is a virtualization security checklist that auditors can follow to ensure the security of virtualization servers.
(1) Check that virtualization products are properly patched as recommended by the product developers. Also check that no fake kernel modules are loaded on the host.
(2) Check that Network Time Protocol (NTP) is properly configured and enabled on each host.
(3) Check that a consistent security policy is enforced on physical and virtual networks.
(4) Check for an effective control process to manage VM Lifecycle.
(5) Check whether VMs are identified based on sensitivity/risk level. This helps in securing virtual servers more effectively.
(6) Check that SSH is disabled, as it can be used to manage an individual VM without logging.
(7) Check how the risk of intentionally or accidentally powering off virtual servers is managed.
(8) Check for architecture and design documents of virtual appliances.
(9) Check that individual firewall protection is enabled for each VM.
(10) Check that hypervisor management APIs/CLIs are adequately protected.
(11) Check that role-based access is enabled for the hypervisor.
(12) Check whether critical data stored on VMs is encrypted.
(13) Check that policies ensure backup and failover systems, including temporary upgrade/patch instances, are cleaned when VM images are deleted and wiped.
(14) Check that cryptographic mechanisms are implemented to detect unauthorized changes to VM images and snapshots.
(15) Check that a non-root user account exists for local account access. Ensure that root accounts are used minimally.
(16) Check that a complex password policy is used by the administrator.
(17) Check the usage of automatic discovery tools to identify unauthorized virtual servers.
(18) Check that the maximum number of failed login attempts is set to 3 or 5, as mentioned in the security policy. Also check that account lockout is not set to more than 15 minutes.
(19) Check for management solutions to examine, patch, and apply security configuration changes to VMs.
(20) Check that communication with virtual servers always goes through TLS. Check that the default signed certificate is not used.
(21) Check that Simple Network Management Protocol (SNMP) is properly configured. SNMP can be used to manage hosts; it should be disabled if not used.
(22) Check whether external media such as CD/DVD, USB, etc. are restricted.
(23) Check for separate log servers with proper access control.
(24) Check that logs are maintained and monitored by the security team.
(25) Check that a golden configuration of virtual servers is available for deploying new servers.
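One way to implement the check in item (14), shown as an added example that is not part of the original checklist: a keyed (HMAC-SHA256) manifest of image and snapshot hashes, so that changes to the files and changes to the baseline itself are both detected. The file names, the key and the manifest layout are assumptions made for illustration.

```python
import hashlib, hmac, json, os, tempfile

def file_digest(path, chunk=1 << 20):
    """SHA-256 of a file, read in chunks so large images are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_manifest(image_dir, key):
    """Hash every file in image_dir and bind the list with an HMAC tag."""
    entries = {n: file_digest(os.path.join(image_dir, n))
               for n in sorted(os.listdir(image_dir))
               if os.path.isfile(os.path.join(image_dir, n))}
    body = json.dumps(entries, sort_keys=True).encode()
    return {"entries": entries,
            "hmac": hmac.new(key, body, hashlib.sha256).hexdigest()}

def verify_manifest(image_dir, manifest, key):
    """Return {name: finding}; an empty dict means nothing changed."""
    body = json.dumps(manifest["entries"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac"]):
        return {"<manifest>": "bad HMAC"}  # the baseline itself was altered
    current = build_manifest(image_dir, key)["entries"]
    findings = {}
    for name, digest in manifest["entries"].items():
        if name not in current:
            findings[name] = "missing"
        elif current[name] != digest:
            findings[name] = "modified"
    for name in current.keys() - manifest["entries"].keys():
        findings[name] = "unexpected"
    return findings

def demo():
    """Constructed sample: two tiny stand-in image files in a temp directory."""
    key = b"constructed-demo-key"  # assumption: a real key is kept off the host
    with tempfile.TemporaryDirectory() as d:
        for name, data in (("web01.qcow2", b"base"), ("web01-snap1.qcow2", b"snap")):
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        baseline = build_manifest(d, key)
        clean = verify_manifest(d, baseline, key)
        with open(os.path.join(d, "web01.qcow2"), "ab") as f:
            f.write(b"!")  # simulate an unauthorized change to the image
        # Baseline rewritten with the new hashes but without the key: old tag kept
        forged = dict(baseline, entries=build_manifest(d, key)["entries"])
        return clean, verify_manifest(d, baseline, key), verify_manifest(d, forged, key)
```

An auditor would look for the equivalent evidence: where the baseline is stored, who holds the key, and how often verification runs.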
Virtualization is a boon for creating multiple servers that make maximum use of resources while reducing costs. This article discussed a virtualization security checklist that enables auditors to enforce the hardening configuration of virtual servers. Virtualization administrators can also use it to check for missing configurations and secure virtual servers more efficiently.