Consolidating multiple physical servers into a single (or a few) virtual server(s) has become a popular way to make better use of available server resources and to significantly reduce costs for hardware, software, maintenance, operations, and energy.
The concept of maintaining only a single server, i.e. an “Office-in-a-Box”, is quite exciting and desirable especially for small to medium businesses (SMBs) or branch offices of enterprises. However, while there are concepts and best practices available on how to consolidate web, mail, database and other application servers, IT personnel are still challenged with the security aspects of virtualization. They are frequently asking the following questions:
How can I secure virtualized machines within a virtualized system?
How can I run my existing security applications (that run on servers, gateways, appliancees) on a virtualized platform?
This paper will answer these questions and describe a recommended three-step approach on how to implement an all-In-one security solution within a virtualized system.