Virtualized security fueled by SDN?

Former Intel expert doubts possibility of ever securing virtual machine implementations properly.

Over at cablinginstall.com's sister site Lightwave Online, chief editor and associate publisher Stephen Hardy takes a look at how, "with software-defined networking (SDN) and network functions virtualization (NFV) promising more flexibility and programmability for data center and carrier networks, these new capabilities might bring security challenges as well." Hardy reports on how encryption technology provider Certes Networks says it has an answer to such questions, thanks to its recently unveiled CryptoFlow Solutions suite.

In a related Youtube video from the 30th Chaos Communication Congress [30c3], held recently in Hamburg, Germany by the Chaos Computer Club (CCC), Gal Diskin, a former security evaluation architect with Intel, presents a talk entitled, Virtually Impossible: The Reality Of Virtualization Security.

"This talk...demonstrate[s] why it is virtually impossible to secure virtual machines implementations properly," writes Diskin, current Chief Research Officer with Cvyera LTD. "In the talk, I...give an overview of the basics of hardware virtualization technology, the existing attack techniques against virtualization; and also explain why it is such a complex problem to create a secure hypervisor. The talk focus[es] on the low level interfaces and how it affects all aspects of computer platform security."

More in IP Security & AV