The Network Access Control Solutions are important resources when establishing a zero-trust security posture, particularly at larger organizations. We’ll discuss them here.
The Hypervisor
The Operating System, typically Windows, represents an application for every user in a network environment. Therefore, the Operating System must be tightly controlled to prevent exploitation and provide adequate security at scale. What is most important to realize, however, is that every user who runs Windows also runs a copy of the OS and the Hypervisor running the OS. While every operation, whether it be accessing your domain controller or modifying a file on the network, can be traced back to the running operating system, many of these operations can be executed safely without user interaction. Because of this, it is important to understand the functionality of the OS, the level of access an administrator has to the OS, and the relative strengths of various operating systems.
Because your Operating System is the master, its functionality should be based on a strong security model that will avoid any manipulation of your computer during the life of the network connection. If an attacker controls the system, it can be prevented from booting, from reading or modifying the information stored on the system, from loading a running application or driver, or from other operations with full control of the system. Remember, the Operating System is the source for nearly all of the information in your network, and if you want to learn more about network access you can discover more here for this. It is therefore imperative that any actions that can be traced back to the system be written to prevent such actions.
Microsoft Hyper-V
Microsoft Hyper-V is a version of Windows designed for use in virtualization environments. While it cannot be traced back to the underlying Operating System, it is closely modeled on it to provide the ability to connect to the OS using a driver-independent network protocol. Because it cannot be directly controlled, a failure of Hyper-V can be traced back to the underlying operating system and the OS alone. Hyper-V provides the tools to integrate a virtualized network into your infrastructure. Because the OS is so closely modeled on the underlying Operating System, anything that can be written to the OS can be written to Hyper-V. Since Hyper-V can be connected to a Hypervisor, it provides a similar level of isolation as well.
Awareness
For a large enterprise, user awareness of their environment, whether it be malicious activity or data loss, is necessary for a successful security posture. Additionally, organizations must also adopt the notion that they need to be vigilant of these threats to ensure they can protect their enterprise from these various types of attacks. A key step to protecting your enterprise is keeping an eye on the state of your security.
Prior to establishing a security posture, it is important to ensure that the environment is getting the latest security updates. To do this, start by installing and configuring the ESXi console. Any environment using ESXi should be looking for latest versions of Windows, OS patches, and software updates, as well as third-party antivirus/antimalware applications. Ensure that you also enforce reasonable patching policies so that Windows, OS patches, and third-party antivirus/antimalware applications do not interfere with your ESXi install. This will not only provide the best overall user experience but also help prevent user-level attacks. While there are no Windows updates to be installed, it is critical to install all the security updates that you may need.
To prevent any attacks from occurring, ensure that the data on your network is stored as encrypted data and is only accessed as a static IP address.
Wow Aracely, you really wrote that beautifully, now I want to go again!