While virtualization provides many benefits, security can not be a forgotten concept in its application. A new InfoQ article examines this relationship in detail:
...As noted in InfoQ's earlier article An Introduction to Virtualization, virtualization consists of two main themes: consolidation of many resources to appear as one and making one resource appear to be many. With either of these virtualization strategies, there are security considerations that should be addressed. These include data leakage, authorization and access, and corruption of information assets ... When there is a one to one correlation between a piece of hardware and a server, security is relatively easy. System administrators can configure an operating system and install scripts to secure the device on boot up, and DBAs and developers can configure the applications with fixed paths. Network engineers and security teams can configure fixed rulesets on firewalls and routers, restricting access to specific servers, disks, and services. Because systems are tied to one piece of hardware, located in a specific data center on a specific subnet, these static security practices work well. The physical server has to be moved to another subnet, or network cables have to place the server into another network. By using virtualization, however, servers can be brought down, copied, moved, and brought onto another network. The ease with which systems can move around the network, or even off of the network, means that new practices will need to be put into place...