Virtualized Security Design And Application On A Financial Industry

Currently, cloud computing has become an important research direction of the computer industry, virtualization technology as a cloud computing infrastructure that is growing rapidly. Virtualization technologies include server virtualization, desktop virtualization, network virtualization and a series of technologies. The rapid development of virtualization technology also will bring the security threat issues that are now has become the most concern, and even it is a bottleneck of virtualization technology. The financial industry is most concerned about the server’s high availability and security of business data.For these reasons, this paper carries out a systematic study and analysis on virtualization security, a brief introduction to virtualization technology, VMware server virtualization and desktop virtualization technology. This paper researches and designs on virtualization malware, and the desktop virtualization of data leakage within the network.For virtualization security issues, this paper is based on the study of the brief introduction to virtualization and virtualization security.This paper describes two VMBR: SubVirt and BluePill malware installation and hazards. Three studies based virtual machine vulnerabilities:remote code execution vulnerability Shared Folders directory traversal vulnerability, BIOS infection attacks. SYN-DoS Denial of Service attacks vSphere, the vSphere components does not work, will cause the entire virtualization platform paralysis. The paper also presents several security threat protection or detection program, which aims for the financial industry virtualization platform to provide a secure and stable environment.For the issues of data leakage within the network, this paper introduces the data loss prevention technology and analyzes the data loss prevention program. It integrates with Symantec Data Loss Prevention Technology, and scans all the files need to be transferred. If it detects the file involves sensitive data, the system will intercept it, and then administrator decision whether to release the file after examining and approving. Else the system sends this file directly. It can be proven that the solution is feasible and the system reaches a predetermined level of security through analysis and testing.