What is hypervisor security?
Hypervisor security is the process of ensuring the hypervisor -- software that enables virtualization -- is secure throughout its lifecycle. Common security practices for hypervisors include limiting users in a local system, reducing attack surfaces and keeping systems updated.
A hypervisor is software that enables a single host device to run multiple virtual machines (VMs). Examples of hypervisors include Microsoft Hyper-V Manager and VMware vSphere. The hypervisor emulates hardware such as the central processing unit, memory and RAM.
Hypervisor security is important because, if attackers gain control of the hypervisor, they can access every VM under that hypervisor and all data stored in each VM. Additional points of vulnerability include shared hardware caches, the network and access to the physical server.
Hypervisor security helps security professionals and administrators ensure protection against such intrusions during development, implementation, provisioning, management and deprovisioning.
Hypervisor security techniques and best practices
Numerous methods exist to help protect hypervisors. Monitoring and network security tools enable administrators to track their virtual environments and detect any unusual behavior or attacks. Administrators can also use tools such as firewalls to keep hypervisors secure.
Another way to protect hypervisors is reducing the attack surface. This can be done by turning off unneeded or unused hypervisor services. This also includes disconnecting unused physical hardware from host systems.
Admins should also restrict who has remote and console access to the hypervisor. This limits who controls the settings of the hypervisor and prevents unauthorized users from changing or accessing information. Most hypervisor platforms allow multiple access types, including Secure Shell, Remote Desktop Protocol, specialized management client and server connectivity.
Keeping up with the latest updates and security patches also helps ensure hypervisor security. Updates released by the hypervisor's vendor contain security patches or additional security features.
Blocking access to physical servers is another best practice. Physical access to the server is a relatively easy way to reach the hypervisor.
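The practices above on unused services, restricted remote and console access, and patching can be checked together against a written baseline. The following is an added example, not part of the original definition or any vendor's tooling: the baseline values, host names, service names and inventory records are all constructed assumptions, and a real audit would pull them from the hypervisor platform's own management interface.

```python
from datetime import date
from ipaddress import ip_address, ip_network

# Hypothetical baseline (assumption): what is permitted on a hypervisor host.
BASELINE = {
    "allowed_services": {"ssh", "mgmt-agent", "ntp"},
    "mgmt_networks": [ip_network("10.20.0.0/24")],  # only place access may listen
    "allowed_admins": {"hvadmin1", "hvadmin2"},
    "max_patch_age_days": 90,
}
TODAY = date(2023, 5, 31)  # fixed so the result is reproducible

# Constructed inventory records, one per hypervisor host.
HOSTS = [
    {"name": "hv-01", "services": {"ssh", "mgmt-agent", "ntp"},
     "listeners": [{"proto": "ssh", "bind": "10.20.0.11"}],
     "console_users": {"hvadmin1"}, "last_patched": date(2023, 4, 15)},
    {"name": "hv-02", "services": {"ssh", "mgmt-agent", "snmp", "cim"},
     "listeners": [{"proto": "ssh", "bind": "0.0.0.0"},
                   {"proto": "mgmt-agent", "bind": "10.20.0.12"}],
     "console_users": {"hvadmin2", "contractor"},
     "last_patched": date(2022, 11, 1)},
]

def audit_host(host, baseline, today):
    """Return (finding_type, detail) tuples for one host."""
    findings = []
    # Attack surface: any running service outside the allowlist.
    for svc in sorted(host["services"] - baseline["allowed_services"]):
        findings.append(("unneeded-service", svc))
    # Remote access: listeners must bind inside a management network.
    # A wildcard bind (0.0.0.0) is in no management network, so it fails too.
    for lsn in host["listeners"]:
        addr = ip_address(lsn["bind"])
        if not any(addr in net for net in baseline["mgmt_networks"]):
            findings.append(("exposed-access", f'{lsn["proto"]}@{lsn["bind"]}'))
    # Console access: accounts beyond the named administrators.
    for user in sorted(host["console_users"] - baseline["allowed_admins"]):
        findings.append(("unauthorized-user", user))
    # Patching: time since the last vendor update was applied.
    age = (today - host["last_patched"]).days
    if age > baseline["max_patch_age_days"]:
        findings.append(("stale-patches", f"{age} days"))
    return findings

def audit(hosts, baseline, today):
    return {h["name"]: audit_host(h, baseline, today) for h in hosts}

if __name__ == "__main__":
    for name, findings in audit(HOSTS, BASELINE, TODAY).items():
        print(name, findings or "compliant")
```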
Editor's note: The definition was written in 2019 by a TechTarget contributor. TechTarget editors revised it in 2023 to improve the reader experience.
This was last updated in May 2023