|
|
|
|
|
|
|
|
|
|
xen-users
RE: [Xen-users] RE: If a DomU was compramised..
On Thu, May 20, 2010 2:47 pm, Jonathan Tripathy wrote:
> Hmm ok that worries me a bit...
>
> I thought that Xen is a type-1 hypervisor, so why do they say that VMWare
> is more suitable?
>
> Surely VMWare's *nix "console" abailable from the VGA port (or ssh if you
> hack it) is equivalent to the Dom0 in Xen? Or have I got the whole concept
> of a Dom0 wrong?
I suppose the bottom line is, does anyone who cannot be trusted have
access to the dom0? My experience of PCI compliance people has been that
they often don't understand the situation so use 'no' as a standard
answer, which is what I was rather poorly eluding to.
Xen IS secure and definitely as secure if not more so than VMWare's
implementation *if* you design and implement it securely. Auditing types
like to have simple boxes to tick and would rather not get into the
technicalities of bridging and firewall rules, so they generally say 'no'.
I am involved with a company that holds limited medical data and the
auditors flatly refuse to accept any kind of virtualised setup at all
despite having no technical reasoning to back up that decision.
Cheers,
Matt.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|