As cloud computing becomes more affordable every year, the demand of software defined data centers in the cloud is on the rise. Rolling out a new data center for a customer involves deploying a plethora of management software typically bundled as virtual appliances. These virtual appliances, which are usually in the form of virtual machines, are stored in centralized storage and are accessed and deployed during data center creation which is typically done by a deployment and bring-up script.
A typical deployment environment starts with the appliances connected only to an isolated network. This assumption becomes the foundation for developer's confidence that such a setup is not vulnerable and hence establishing trust is ignored at the first step. After the first step, proper security is established for the deployed appliances and communications with the deployed appliances is then secure. However, the first step in the initial deployment of virtual appliances in the data center as well as in the later deployment of new virtual appliances, leaves a gap in security. It is important to close this gap in security.