NIST SP 800-125, Guide to Security for Full Virtualization Technologies, is a comprehensive publication put forth by the National Institute of Standards and Technology discussing important provisions for ensuring the safety and security of today’s increasingly used virtualization platforms. Specifically, NIST SP 800-125 places a heavy emphasis on all components of virtualizing, giving much-needed guidance on security for the following areas:
- Guest O/S
- Virtualized Infrastructure
- Desktop Virtualization
Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet containing over 2,850 + pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.
Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.
Additionally, NIST SP 800-125 puts forth the following five (5) phase virtualization lifecycle:
- Phase 1: Initiation. This includes tasks that an organization should perform before it starts actually designing a virtualization platform.
- Phase 2: Planning and Design. Personnel are to specify the technical characteristics of the
- actual virtualization platform.
- Phase 3: Implementation. Equipment is to be configured for meeting operational and security Requirements.
- Phase 4: Operations and Maintenance. Critical security-related tasks for which an organization is to perform on an ongoing basis.
- Phase 5: Disposition. Tasks that are to be undertaken once a virtualization solution is being retired.
Security Policies | Critical for Virtualization Platforms
While NIST SP 800-125 provides an incredibly in-depth - and excellent - overview of baseline planning and security configurations for virtualized environments, it’s also important to note that information security polices and procedure are equally important. Flat Iron Technologies, LLC offers the industry leading Global Information Security Compliance Packet (GISCP) containing literally hundreds of well-written policies, procedures, forms, checklists, templates, provisioning and hardening documents - even an in-depth virtualization policy - all available for immediate download.
Virtualization best practices need to be understood and adhered to at all times - NIST SP 800-125 is an excellent document - what’s needed are industry leading policies and procedures, such as those offered by Flat Iron Technologies, LLC.