Virtualization: Security Issues and Savings

Virtualization: Security Issues and Savings

With the military’s current mandates to increase efficiencies, virtualization offers multiple benefits to the armed forces. Projects underway at the National Security Agency are advancing its use, but the government needs to reconcile security requirements with available capabilities before warfighters enjoy the full benefit of the technology.

The High Assurance Platform (HAP) program is one NSA project in which virtualization is a central technology. The program was established to provide a reference implementation of the technologies and policies required to provide warfighters with a single device with access to all the information necessary to complete a mission. Officials at the NSA say that because operations require access to networks with different classifications, HAP must support the secure separation of those networks on the platform. From the beginning of the program, personnel decided to leverage commercial hardware and software vendors as much as possible. The NSA’s earlier NetTop effort demonstrated that commercial products could offer the necessary separations among information classifications.

HAP built on previous work by using features developed by Intel in its next-generation processors that provided hardware-layer support for concepts promoted by the Trusted Computing Group. Layering virtualization on the HAP system’s ability to automatically notify the network and repair corrupted platforms after a change to the core software helps to ensure that the information in the various security domains remains separate and secure, according to the NSA.

via Signal, continued here.