Ensure Software Integrity in a Virtualized Enterprise
Business agility, increased utilization, and superior efficiency are just some of the benefits driving enterprises to move to virtualized data centers. But virtualization also creates new management and reporting challenges. What do you tell your compliance officer about the integrity of your infrastructure as it becomes increasingly transient? How can you ensure the integrity of 1,000 images? Or 10,000?
SignaCert provides a means to measure and verify virtual machines at deployment and at each stage of their lifecycle. This ability not only reduces system downtime caused by mis-configured machines, but creates a clear audit trail when asserting regulatory and IT policy compliance.
SignaCert’s verification processes can:
- Verify VM Instances—Prove that a specific VM instance is configured correctly by capturing signatures for the VM instance once it has been created and verifying against these when deploying the VM instance.
- Verify VM Instances platform—Verify an instance of a VM by verifying all the files contained in the VM - very similar to standard build verification. This will show if a VM instance has changed from the originally defined image at a fine-grained level.
- Create an audit trail—Prove the use of only authorized images and optionally what was executed within the image of the virtual machine.
How It Works
SignaCert's Enterprise Trust Server (ETS) stores file signatures and metadata for configuration, operating system, and application files from your environment—including your virtual machines. The ETS captures virtual machine images and their contents, creating software measurements for both the image and the runtime environment the image represents.
Figure 1. Capturing Virtual Machine images for
use as a reference.
Once an appropriate image has been captured in the ETS it can be used to verify other instances of that specific VM to prove they are deployed correctly. You can use these measurements to verify the virtual machine's state at deployment, during operation, when it is suspended or shutdown, and upon migration to a different environment.
Figure 2. Verifying Virtual Machine state
using ETS appliance.
