Updates 2015 DRAFT SP 800-125B, Secure Virtual Network Configuration for Virt
DRAFT SP 800-125B, Secure Virtual Network Configuration for Virtual Machine (VM) Protection
September 29, 2015
NIST announces the public comment release of Draft NIST Special Publication 800-125B, Secure Virtual Network Configuration for Virtual Machine (VM) Protection. VMs constitute the primary resource to be protected in a virtualized infrastructure, since they are the compute engines on which business/mission critical applications of the enterprise are run. Further, since VMs are end-nodes of a virtual network, the configuration of virtual network forms an important element in the security of VMs and their hosted applications. The virtual network configuration areas considered for VM protection in this document are – Network Segmentation, Network Path Redundancy, Firewall Deployment Architecture and VM Traffic Monitoring. The configuration options in each of these areas are analyzed for their advantages and disadvantages and security recommendations are provided.
The specific areas where comments are solicited are:
- Advantages and Disadvantages of the various configuration options in the four virtual network configuration areas.
- The Security Recommendations
The public comment period closes on Friday, October 23, 2015. Please send comments to firstname.lastname@example.org.
Created December 21, 2016, Updated April 26, 2017