I'm doing some research on virtual switching, specifically the Cisco Nexus 7000 series switches and virtual device contexts (VDC). There's ample documentation on implementation, but nothing specifically in the security space. Of course, the vendor literature stresses how secure these devices are and that there is absolutely no way that one context can commmunicate with another. As far as I'm concerned, allowing multiple contexts to share the same physical device is bypassing a layer of the proverbial security onion. You wouldn't let your DMZ and internal network share other resources so I don't know why network infrastructure would be any different.
Does anyone have any experience looking at this objectively from our POV, specifically assessing potential risks?
Nov 6th 2014
5 years ago