S 2.444 Planning the use of virtual IT systems

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator

In addition to the requirements already specified in S 2.315 Planning the use of servers, other aspects must be taken into consideration to ensure secure server operation. The following describes additional specifications regarding the planning of virtual IT systems.

Manufacturer support for virtual IT systems

It must be checked that all applications which are to be operated on virtual IT systems are supported by their manufacturers on the selected virtualisation platform. Normally, software is approved for a certain combination of operating system and hardware platform by their manufacturers. Support for any problems that may occur is only guaranteed if the software is used in accordance with these specifications. As the hardware platform "virtual IT system" has not been standardised yet, not all software manufacturers guarantee general support of virtual systems. In most cases, the manufacturers only offer support for a certain combination of operating system and visualisation product, e.g. for error analysis and elimination.

Life cycle of virtual IT systems

Moreover, established procedures for installing, taking inventory and operating of (virtual) IT systems and withdrawing them from operation change when they are operated in a virtual infrastructure. It is therefore necessary to plan and define in detail how these processes are adapted. The following aspects must be ensured:

• It must be checked whether the operating systems and applications used are suitable for operation in virtualised IT systems.
• It must be ensured that the virtualisation product is suitable for the intended use of the IT systems.
• Virtualisation features such as snapshots which could cause problems with the applications must not be used (see also S 4.347 Disabling of snapshots of virtual IT systems).
• The applications should not require any hardware components such as software protection modules (dongles) or ISDN cards which cannot be provided within the virtual infrastructure.
• The inventory of the information system must comprehensively include all virtual IT systems in order to avoid sub-licensing or operation of systems the purpose of which is unknown.
• The usual procedures and planning and operation preparations for installing and operating physical IT systems should be applied to the virtual IT systems in an appropriate manner and in terms of their intention. If, for example, physical IT systems are provided with a label on which the name and IP address is documented, this is not possible for virtual IT systems. However, these specifications can be implemented in the administration software when specifying a name for these virtual IT systems.
• Realistic and appropriate performance and resource requirements should be defined for the virtual IT systems together with the server and application operators before initial operation of the systems. When determining the performance requirements it must be checked whether performance limitations in the event of occasional load peaks can be accepted: For example, scripts for automatic processing of database content are often not time-critical and therefore do not need to be executed with maximum performance.
• Rules must be specified on the execution of routine tasks during operation of virtual IT systems. These rules must ensure that activities such as starting and stopping virtual IT systems, creation and deletion of as well as resetting to snapshots are co-ordinated with the server operators and application owners.
• The performance of virtual IT systems must be monitored. It must have been ensured that their performance requirements are appropriately met.
• A process must be established that ensures early detection of bottlenecks in the use of processor performance, main memory and hard disk memory and adequate reaction to such bottlenecks.

Test and development environments

In test and development environments where only a functional analysis of virtual IT systems is to be performed, it is possible to deviate from the specifications listed above. However, a process must be established within the organisation which ensures that the configuration and resource allocation of the virtual IT systems is checked and, if necessary, adjusted before they are put into productive operation. For example, virtual IT systems should not simply be copied or cloned from the test and development environment, but rather newly installed. If the IT system is not newly installed it must be checked carefully whether the virtual IT systems to be copied or cloned are suitable for productive operation. In particular, it must be checked if certain virtualisation features used in test and development environments (such as scripts in guest tools) are still active. The tests should be performed in an environment that uses the same virtualisation solution as the target system. This is to ensure that the behaviour of the virtual IT systems in the test environment is not different than in the productive environment.

Review questions:

• Are virtual IT systems from test and development environments checked as to whether they are suitable for productive use before initial operation in the productive network?
• Has a procedure been specified for installation and operation of visualisation servers and virtual IT systems?
• Have the virtualisation features (such as, for example, snapshots) that are allowed to be used in virtual IT systems been specified?
• Has it been ensured that the performance of the virtual IT systems is continuously monitored?
• Are all virtual IT systems of the information system included in the inventory?
• Has a procedure been specified for withdrawing visualisation servers and virtual IT systems from operation?