I'm trying to translate vsphere EAL4 certification into practical terms. Suppose I have a virtual machine that is running on an ESX host, and that virtual machine is compromised (for example, the Windows OS becomes filled with viruses, rootkits and malware). Am I assured by EAL4 that the compromised virtual machine can never jeproadize in any way the security of the ESX 4 host? Obviously it could start using too much RAM, processor and network bandwidth, and so affect performance negatively. But are there any known cases of a compromised VM doing something like bring down the service console or install code in it, or install code underneath the hypervisor, or shut down the esx host or anything of that nature? (assuming the service console is itself properly secured beforehand).
Any thoughts appreciated - thanks
Hello,
If a VM is compromised, the ESX host is NOT compromised.... It it was it would be an 'escape the VM' attack. There are no such attacks that currently work against ESX/ESXi.
EAL4+ does not necessarily imply this, but it is a benchmark used by many organizations to determine the level of security existing within the code of an operating system. To get this certification VMware's hypervisor went through a strenuous evaluation, etc.
Search this forum for 'escape the VM' for more ideas on this style of attack.
Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, 2010
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]
Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]
Hello,
If a VM is compromised, the ESX host is NOT compromised.... It it was it would be an 'escape the VM' attack. There are no such attacks that currently work against ESX/ESXi.
EAL4+ does not necessarily imply this, but it is a benchmark used by many organizations to determine the level of security existing within the code of an operating system. To get this certification VMware's hypervisor went through a strenuous evaluation, etc.
Search this forum for 'escape the VM' for more ideas on this style of attack.
Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009, 2010
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]
Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]
EAL 4+ certification for vSphere concerns the host and VMware related services, not guests, yes it gives advice regarding guest protection but not regarding the OS running on that guest, they are subject to different EAL4+
As Texiwill says what you are talking about is currently not possible.
If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points
Tom Howarth VCP / vExpert
VMware Communities User Moderator
Blog: www.planetvm.net
Contributing author on "[VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment|http://www.amazon.co.uk/VMware-VSphere-Virtual-Infrastructure-Security/dp/0137158009/ref=sr_1_1?ie=UTF8&s=books&qid=1256146240&sr=1-1]”.
Contributing author on "[VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410|http://www.amazon.co.uk/VMware-Certified-Professional-VSphere-Study/dp/0470569611]”.