1. Inter-VM attacks
+ Traffic between VMs traverses a virtual network and is invisible to the physical security elements; this is sometimes referred to as the "blind spot".
+ Blind spot - Monitoring of the virtual network is as essential as monitoring of the physical network.
2. Performance
+ Many security tools affect performance, perhaps more so on VMs.
+ Address this by understanding the virtual environment, using proper sizing and planning, and balancing the needs of the environment.
3. VM sprawl
+ The increasing number of VMs in use leaves the potential for oversights and misconfiguration.
+ Automation, proper governance and a long-term framework mitigate the risks associated with operational complexity.
4. Hyper-jacking
+ Installing a rogue hypervisor that can take complete control of a host, through the use of a VM-based rootkit that attacks the original hypervisor and inserts a modified rogue hypervisor in its place.
5. Instant-on Gaps
+ Vulnerabilities exist between when a VM is powered on and when its security rules can be updated.
+ Best practices include network-based security and "virtual patching" that inspects traffic for known attacks before it can get to a newly provisioned or newly started VM. It is also possible to enforce NAC (Network Access Control)-like capabilities to isolate VMs until their rules and pattern files are updated and a scan has been run.
6. VM Theft/Modification
+ VM encryption is necessary as VMs are susceptible to modification or theft, but it can affect performance.
7. Data commingling
+ Data of different classifications could potentially be stored on the same physical device.
+ Use a combination of VLANs, firewalls and IDS/IPS to ensure VM isolation as a mechanism for supporting mixed-mode deployments. We also recommend using data categorization and policy-based management to prevent this. In cloud computing environments, the lowest common denominator of security could potentially be shared by all tenants in the multi-tenant virtual environment.
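
For item 5 (instant-on gaps), the NAC-like isolation rule can be written as a release gate: a VM stays isolated until its rules and pattern files are current and a scan has completed since it was powered on. This is an added example, not part of the original list; the version numbers, segment names and inventory records are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional

# Assumed current baseline published by the security tooling (constructed values).
CURRENT_RULES = 42
CURRENT_PATTERN = 1187

@dataclass
class VM:
    name: str
    powered_on: datetime           # most recent power-on
    rules: int                     # security rule set version loaded in the VM
    pattern: int                   # pattern file version loaded in the VM
    last_scan: Optional[datetime]  # completion time of the last scan, if any

def gaps(vm: VM) -> List[str]:
    """Reasons the VM must stay isolated; an empty list means it can be released."""
    reasons = []
    if vm.rules < CURRENT_RULES:
        reasons.append("rules out of date")
    if vm.pattern < CURRENT_PATTERN:
        reasons.append("pattern file out of date")
    # A scan that finished before the latest power-on does not count: a dormant
    # or template-cloned VM wakes up with whatever state it was stored with.
    if vm.last_scan is None or vm.last_scan < vm.powered_on:
        reasons.append("no scan since power-on")
    return reasons

def segment_for(vm: VM) -> str:
    """Hypothetical segment names: 'quarantine' until every gap is closed."""
    return "quarantine" if gaps(vm) else "production"

# Constructed inventory: a long-dormant VM, a fresh clone, and a compliant VM.
T = datetime(2024, 5, 1, 9, 0)
INVENTORY = [
    VM("dormant-db", T, 39, 1102, datetime(2024, 1, 10, 3, 0)),
    VM("new-clone", T, 42, 1187, None),
    VM("web-01", T, 42, 1187, datetime(2024, 5, 1, 9, 20)),
]

if __name__ == "__main__":
    for vm in INVENTORY:
        print(f"{vm.name}: {segment_for(vm)} {gaps(vm)}")
```

The "no scan since power-on" check is what catches the dormant VM even after its rules and pattern files have been brought up to date.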