ESXi

  • 1.  Security -- vmfs? manual startup? anything else?

    Posted Dec 20, 2010 09:58 PM

    Trying to satisfy an auditor . . .

    Right now I have an ESXi (free license) server with a Windows 2008 R2 server running on it (local hard drives). If that entire server is stolen, what can I say about the security?  How can the vmfs be accessed?  Can another ESXi server just read the vmfs or does that server somehow need access granted?  (That's also a good question for disaster recovery.)  Right now the guest is set to autostart.  Would it actually help to set it to manual startup?  My theory: if the vmfs/datastores are completely secure (are they encrypted? is it possible to encrypt?) it's meaningless if the guest isn't secure from the network as the ESXi server can boot up and load the guest automatically.  You can hack on the server from the network for as long as you like.  BUT if it's set to manual startup, then they have to have username/password access to the ESXi server in order to even boot the guest.  I just have to make sure I don't cut my arm off, I think (Active Directory authentication but you can't authenticate because the server is down but you can't boot the server because of manual startup . . .)

    I've read through several VMware documents related to security and certification.  I just want to be certain of my answers in the almost "worst case" scenario of a completely intact system stolen -- so the bad guys have all kinds of time to try and hack it.  (Worst case scenario would be stolen with the UPS so the system remains powered on.)



  • 2.  RE: Security -- vmfs? manual startup? anything else?
    Best Answer

    Posted Dec 20, 2010 10:07 PM

    VMFS doesn't include any encryption so if the server was stolen one could perform a repair install to get access to the VM or there are even options to boot ESXi from a recovery CD that would provide access to the datastore.  If you need encryption you'll have to do it within the VM.



  • 3.  RE: Security -- vmfs? manual startup? anything else?

    Posted Dec 20, 2010 11:49 PM

    So it's really no different from having a physical machine stolen?  I'm surprised.  Doesn't ESXi have some type of access to the data on the guests?  You can, for instance, mount guest file systems -- and back them up/shrink/clone etc.  We're really just relying (in the case of Windows machines) on NTFS security?



  • 4.  RE: Security -- vmfs? manual startup? anything else?

    Posted Dec 20, 2010 11:58 PM

    The actual access of ESXi and the guest filesystem is not there.  ESXi sees things from the VMDK level, not actually within the guest.  Well, it can access the guest through VMware Tools but not to the extent you are thinking of, I believe.  If the server was stolen, the person would need to understand how ESX(i) works and how to bring the guest online.  Assuming that this is the case and it is stolen, VMware can't provide you anything to stop a physical catastrophe.  ESX(i) is a hypervisor and just basically manages resources, it doesn't actually do much with the OS installed on the VMDKs created for your VMs.



  • 5.  RE: Security -- vmfs? manual startup? anything else?

    Posted Dec 20, 2010 10:11 PM

    You would need to use encryption within the guest OS. Most OS's today include that capability. EFS