In virtualized computing networks and related systems, a set of virtual machines is hosted by a set of physical machines. The virtual machines are software implementations that are configured to execute various programs, such as applications and operating systems, like a physical machine. The software running on a virtual machine is limited to the resources and abstractions provided by the virtual machine.
Entities such as corporations, individuals, or other organizations are increasingly using virtualization services in various computing infrastructures. For example, as more server workloads are being virtualized, the average virtual machine (VM)-to-host ratio is increasing. The increases can create difficulties for virtualization managers who manage and oversee virtual machine operation. Further, the entities that employ the virtualization services are not able to dynamically receive updates to virtual machines and/or the host physical machines. As such, the entities may not always have a current snapshot of the virtualization infrastructure.
In addition, a virtualized infrastructure can introduce a new set of security risks, and vulnerabilities in various components, such as hypervisors, can impact more than one device or resource. Some of the additional security considerations that have been identified in virtualized infrastructures include offline images, hypervisor attacks, VM proliferation, virtual networks, virtual storage, larger impact of failure, blurring of responsibilities, and others. Further, as virtualization technologies become more widely deployed, the number and severity of disclosed vulnerabilities has climbed steadily. Further still, a virtualized environment is highly dynamic and, from a security perspective, the risks are ever-changing.
A need, therefore, exists for administrators or other entities to understand the security risks of their virtual environment at any point in time. Further, a need exists to perform vulnerability scans on virtual machine networks to detect and remedy vulnerabilities, security holes, and other risks.
It should be noted that some details of the drawings have been simplified and are drawn to facilitate understanding of the embodiments rather than to maintain strict structural accuracy, detail, and scale.