A virtual server is created from a template configuration called a virtual server image or virtual image machine. Hardening is the process of stripping unnecessary software from a system to limit potential vulnerabilities that can be exploited by attackers. Removing redundant programs, closing unnecessary server ports, and disabling unused services, internal root accounts, and guest access are all examples of hardening.

A hardened virtual server image is a template for virtual service instance creation that has been subjected to a hardening process (Figure 1). This generally results in a virtual server template that is significantly more secure than the original standard image.

Hardened virtual server images help counter the denial of service, insufficient authorization, and overlapping trust boundaries threats.

Figure 1 – A cloud provider applies its security policies to harden its standard virtual server images. The hardened image template is saved in the VM images repository as part of a resource management system.

Related Patterns:

• Detecting and Mitigating User-Installed VMs
• Hypervisor Protection
• Secure Connection for Scaled VMs

This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.

For more information regarding the Cloud Certified Professional (CCP) curriculum, visit www.arcitura.com/ccp.

This cloud computing mechanism is also covered in:

Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour

(ISBN: 9780133858563, Hardcover, ~ 528 pages)

For more information about this book, visit www.arcitura.com/books.