Oracle® Fusion Middleware User's Guide for Oracle JRockit Virtual Edition 11g Release 1 (11.1.1.3.0) Part Number E15206-02 |
|
|
View PDF |
The following security guidelines are generic to any enterprise IT environment, not necessarily specific to virtualization.
Do not store sensitive data on an NFS Server.
Oracle JRockit Virtual Edition does not encrypt communication with NFS servers. So storing sensitive data on NFS servers can compromise the security of your system.
Make sure that the Java application is secure.
Oracle JRockit Virtual Edition provides a secure run-time environment for the virtual machine that you create from the Java application, but the Java application has full access to its files. So make sure that the Java application is secure.
Use a firewall to protect virtual machines (that are running on a local network) from external access.
Secure the virtualization server so that unauthorized users cannot gain root access to the server. Oracle JRockit Virtual Edition cannot protect itself if unauthorized root access to the virtualiztion server is possible.
Grant control and console access only to trusted users.
Configure the virtual infrastructure such that only users that need to modify the run-time state of virtual machines are authorized to access the virtual machine console. Oracle JRockit Virtual Edition cannot protect itself from virtual machine shutdown and other virtual machine-related attacks if this policy is not maintained.
Store the virtual machine files securely so that unauthorized users cannot access them.