Oracle® VM

Security Guide for Release 3

Oracle Legal Notices


March 2014


Document generated on: 2014-03-06 (revision: 3777)

Table of Contents

1 Audience
2 Documentation Accessibility
3 Command Syntax
4 Conventions
1 Oracle VM Security Overview
1.1 Oracle VM Overview
1.1.1 Description of Oracle VM Components
1.1.2 Security Aspects of Oracle VM
1.2 General Oracle VM Security Principles
1.2.1 Keep Software Up-to-Date
1.2.2 Restrict Network Access to Critical Services
1.2.3 Follow the Principle of Least Privilege
1.2.4 Monitor System Activity
1.2.5 Stay Up-to-Date on Latest Security Information
1.3 Understanding your Oracle VM Environment
2 Performing a Secure Oracle VM Installation
2.1 Oracle VM Pre-Installation Tasks
2.1.1 Preparing the Oracle VM Management Server
2.1.2 Preparing the Management Network
2.2 Installing Oracle VM Manager
2.3 Installing Oracle VM Server
2.4 Recommended Oracle VM Deployment Configurations
2.5 Oracle VM Post-Installation Configuration
2.5.1 Adding a Trusted CA Certificate and Keystore for SSL Encryption
2.5.2 Securing Oracle VM Agent Communications with a Certificate
2.5.3 Changing Certificate Settings for VNC and Live Migration
2.5.4 Enabling LDAP Authentication on Dom0
2.5.5 Setting Up Virtual Machine Access
3 Oracle VM Security Features
3.1 Oracle VM Network Model
3.1.1 No Network Connection
3.1.2 Isolated Local Network
3.1.3 Trusted Internal Network
3.1.4 Untrusted Internal Network
3.1.5 Internet Facing Services
3.2 Administrator Privileges in Oracle VM
3.3 Storage Configuration
3.4 User Access to Virtual Machines
3.5 Virtual Machine Security Considerations