Residual Risk

User guidance

Deploying organizations should consider these guidelines for secure operation of their systems.

Secure operation

This section highlights residual risks that are not completely covered by the technical solution and that may require additional operational or procedural controls.

Refer to Security Hardening: VMWare Infrastructure 3 (VMware ESX 3.5 and VMware VirtualCenter 2.5) (http://www.vmware.com) for recommendations for security hardening VMware infrastructure, including virtual machines and virtual machines files and settings.

Deploying organizations may wish to implement additional measures based on their assessment and risk appetite.

Risks

  • Malicious Host

  • Misconfiguration

  • Data Aggregation

  • Data Ex-filtration

Deployment and distribution

  • Keys and for communication with clients and other Critical Security Parameters (CSPs) such as TLS and SSH certificates are protected in software only and are embedded on the virtual machine.

  • Audit data accumulated from monitored clients is only protected by software mechanisms on the virtual instance.

  • Virtual machine instances must be managed. This includes auditing use and distribution of the virtual instances and controlling access to the host machines.

  • Cloning virtual machines with nShield Monitor is not recommended for new deployments. A fresh installation via distribution of the OVA image and reconfiguration is always recommended.

Secure configuration

The manual, Security Hardening: VMWare Infrastructure 3 (VMware ESX 3.5 and VMware VirtualCenter 2.5), covers these measures in more depth.

They are repeated here because they are directly relevant to mitigating the outlined risks to nShield Monitor and they can be modified by the user who is operating the virtual machine.

  • Secure virtual machines as you would secure physical servers. Antivirus, Anti spyware, intrusion detection and other protection must be enabled for the virtual machine. All security measures must be kept up to date including applying appropriate patches.

  • Disable Automatic Mounting of USB Devices. This measure is required to prevent introduction of malware to the virtual environment and exfiltration of data.

  • Ensure Unauthorized Devices are Not Connected.

  • Control Root Privileges.

  • Disable Technical Support Mode.

  • Disable Copy and Paste Operations Between the Guest Operating System and Remote Console.

Host machine

Must be sanitized as per the deploying organizations policy. Best practices for OS and application security controls are recommended on the host machine to minimize the risks outlined above.