
SANS ISC: Virtual switching risks SANS ISC InfoSec Forums

Virtual switching risks
I'm doing some research on virtual switching, specifically the Cisco Nexus 7000 series switches and virtual device contexts (VDC). There's ample documentation on implementation, but nothing specifically in the security space. Of course, the vendor literature stresses how secure these devices are and that there is absolutely no way that one context can communicate with another. As far as I'm concerned, allowing multiple contexts to share the same physical device is bypassing a layer of the proverbial security onion. You wouldn't let your DMZ and internal network share other resources, so I don't know why network infrastructure would be any different.

Does anyone have any experience looking at this objectively from our POV, specifically assessing potential risks?

Thank you
Joe
joeimp

1 Posts
