Hi Yongbo, I know VMsafe covers three main areas are Memory, Disk and Network for securing the virtual environment, as far as I know, for kvm security, we have similar security features or resource management and control, for instance: 1. Host network isolation, configuring network interface for the host and a separate network interface for the guest operating systems. 2. SELinux automatically stores and protect images on host 3. Secure remote management with libvirt such as using SSH tunnels, using SASL authentication and encryption and using TLS for remote access 4. Using sVirt isolates virtual machines 5. With cgroups in RHEL6, you can restrict a set of tasks to a set of resources, prevent denial-of-service situations in KVM environments, and monitor resource use 6. Disk-image encryption is a technique aimed at protecting data at rest 7. Auditing the KVM virtualization host and guests In addition, libvirt includes a pluggable framework for lock managers, which hypervisor drivers can use to ensure safety for guest domain disks, and potentially other resources. Of course, I'm not a developer, I believe that virt developers can show more security technique or features for virtualization to you. Regards, Alex ----- Original Message ----- From: "王永博" <wangyongbo90@xxxxxxxxx> To: quintela@xxxxxxxxxx Cc: "Developers qemu-devel" <qemu-devel@xxxxxxxxxx>, "KVM devel mailing list" <kvm@xxxxxxxxxxxxxxx> Sent: Wednesday, November 23, 2011 9:44:39 AM Subject: Re: [Qemu-devel] KVM call agenda for Novemeber 22 Does kvm has the api like vmsafe to help cooperator protect their product ? 2011/11/22 Juan Quintela <quintela@xxxxxxxxxx>: > > Hi > > Please send in any agenda items you are interested in covering. > > Later, Juan. > -- > To unsubscribe from this list: send the line "unsubscribe kvm" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
