How is access restricted to protected resources and what kind of controls can be placed on such access?
Configuration Management The first configuration decision related to virtualization technology that could affect an organizations security posture is the specific technology they choose to deploy. By this we do not mean which vendor is selected, but rather the specific virtualization stack they decide upon. Companies are faced with two choices: 1. Use a virtualization-aware operating system, or run on a highly optimized for virtualization layer with no standard operating system in the mix at the host layer. 2. Run on a vanilla unmodified operating system like Microsoft Windows XP or Red Hat Enterprise Linux, where the virtualization layers are built as applications and drivers on top of this standard operating system. Based on which choice organizations make, the levels of performance would differ, as would the feature sets and the level of administrative complexity. It is important to make this choice carefully, taking into account the skill sets of your staff. For example, if your te
Related Questions
- Can NIST prioritize its recommended security controls to establish which controls agencies should deploy first?
- How is access restricted to protected resources and what kind of controls can be placed on such access?
- How does Security Blanket Enterprise Edition and the Standalone work with (or compliment) SELinux?
