A VDI platform may greatly improve the security of critical information, as it allows administrators to ensure the user workstation environment by controlling access to virtual desktops, refusing the use of non-authorized devices, if necessary.
On the one hand, the use of non-persistent virtual desktops permits you to immediately change the status of a user station platform back to a stable and valid configuration. A completely new desktop is presented to a user each time they open a session, which completely isolates viruses or any other type of malware.
Most organizations are provided with a disaster recovery plan that includes the steps to follow in case of natural disaster or a prolonged power outage that prevents them from accessing the jobs located in their offices.
Desktop virtualization is emerging as a tool of great help in these cases, since the users can access their virtual desktops from anywhere, anytime and with any device, so that production is not affected by the problems that may arise in certain facilities, thus avoiding the economic losses caused by the interruption of the activity.
VMworld Europe 2014 opened today in Barcelona. In this first day of one of the most outstanding virtualization and cloud computing events, VMware announced new products, program and service that add to the growing list of innovative solutions for end-user computing. Among them is VMware Horizon FLEX that will enable enterprises to centrally provision, manage and secure virtual desktops and applications running locally on Macs and PCs, using policy-based controls to more securely embrace bring your own (BYO) policies.
In addition, a new cloud service for desktop disaster recovery will allow organizations to protect their business and enhance workforce continuity, expansion of cloud hosted services in Europe will open opportunities for customers, and a new storage program will help customers quickly predict and control virtual desktop deployment costs at scale.
There are several options that administrators should keep in mind in order to isolate virtual machines inside a Hyper-V virtual switch and thus monitor incoming and outgoing traffic and improve the environment security. Yo can secure the switch:
A vulnerability in Xen hypervisor has broken the security around multi-tenant environments. It allows Xen hardware virtual machines (HVM) to access data storaged in other HVM-based machines that are located in the same hardware. This bug, which has been registered as CVE-2014-7188, also allows to crash the host.
ARM systems and paravirtualization servers (PV) of the Open Source hypervisor haven’t been affected. The only vulnerable systems are x86.
Xen Project has published a patch to solve this problem, which affected big companies, such as Amazon or Rackspace, that had to reboot their virtualized servers.
A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren’t being affected.
UDS Enterprise servers aren’t vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered.
This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.
To offer the best experiences, we use technologies such as cookies to store and/or access device information. Consent to these technologies will allow us to process data such as browsing behavior or unique identifications on this site. Not consenting or withdrawing consent may negatively affect certain features and functions.
Functional
Always active
The storage or technical access is strictly necessary for the legitimate purpose of allowing the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication through an electronic communications network.
Preferencias
El almacenamiento o acceso técnico es necesario para la finalidad legítima de almacenar preferencias no solicitadas por el abonado o usuario.
Statistics
Storage or technical access that is used exclusively for anonymous statistical purposes.El almacenamiento o acceso técnico que se utiliza exclusivamente con fines estadísticos anónimos. Sin un requerimiento, el cumplimiento voluntario por parte de tu Proveedor de servicios de Internet, o los registros adicionales de un tercero, la información almacenada o recuperada sólo para este propósito no se puede utilizar para identificarte.
Marketing
Storage or technical access is necessary to create user profiles to deliver advertising, or to track the user across one or multiple websites for similar marketing purposes.
