U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

SP 800-125A Rev. 1 (Draft)

Security Recommendations for Server-based Hypervisor Platforms

Date Published: April 2018
Comments Due: May 2, 2018 (public comment period is CLOSED)
Email Questions to: sp800-125A-comments@nist.gov

Author(s)

Ramaswamy Chandramouli (NIST)

Announcement

Draft NIST Special Publication (SP) 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms, identifies five baseline functions of the hypervisor platform (virtualized platform), analyzes threats to these platforms and provides security recommendations. It has been found that to deploy virtualized servers for high performance applications (e.g., big data, analytics etc.), other forms of device virtualization besides the “emulation” approach covered in this document are required.

This revision captures these additional technologies for device virtualization such as para-virtualization, passthrough and self-virtualizing hardware devices as well as associated security recommendations. Major content changes in this revision can be found in Sections 1.1, 2.2.2 and 5. A markup version also shows changes from SP 800-125A (January 2018).

Abstract

Keywords

Virtualization; Hypervisor; Virtual Machine; Virtual Network; Secure Configuration; Security Monitoring; Guest OS
Control Families

None selected

Documentation

Publication:
Draft SP 800-125A Rev. 1

Supplemental Material:
Markup copy (pdf)

Other Parts of this Publication:
SP 800-125
SP 800-125B

Document History:
04/11/18: SP 800-125A Rev. 1 (Draft)
06/07/18: SP 800-125A Rev. 1 (Final)

Topics

Security and Privacy
planning

Technologies
cloud & virtualization; servers

Laws and Regulations
OMB Circular A-130