The deployment of virtual machines and the securing thereof are two separate and unrelated tasks that negatively impact resources and are prone to mistakes or inconsistencies due to the manual nature of coordinating between management and security. Some existing deployments implement a protection policy based on a manifest supplied by the applications. Other deployments monitor servers based on a model that specifies relations and resource requirements. These potential disconnects between security and administration can create errors that further cause security risks.