When monitoring our Virtual solution we have many different options to choose from one of the leading tools on the market “Nessus”. Nessus is a tool used to monitor , patch and find security vulnerabilities in our vm solutions . It is continuously monitors the virtual machines , as stated on their web site “Nessus can log in and pull information from VMs, such as active and inactive VMs on the host. This information is useful to continually audit your virtualized environment, and acting on it can help prevent VM sprawl”. This gives us an easy way of monitoring our solution since most of the hard work is done by the software. Also in extension we can use the software to Identify misconfiguration on the guest operating system, hyper visor, and applications running on the virtual images. It will Audit configuration against compliance standards or custom requirements.
Also other proprietary software for network monitoring can help us determine if Virtual machines are using too much bandwidth and causing instability in our network . One other piece of software to help us is “PRTG Network Monitor”. It screens system availability utilizing an assortment of strategies from straightforward ping through SNMP and WMI conventions to particular errands, for example, HTTP, DNS, and Remote Desktop accessibility utilizing different sensors. Utilizing particular sensors for particular machines, a manager can screen be told right away of issues. Additionally, PRTG accompanies some transfer speed checking sensors, so you can guarantee that malware intended to do DoS and other over-burden exercises are not working on your system.
Also we can use penetration testing specific operating systems like kali linux which is full of tools that can be used to “hack” into our system and find any vulnerabilities . For example we can use a tool in the linux terminal called nmap which allows us to find all open ports on our virtual machine then by exploiting open ports we can begin to try to infiltrate into our operating systems with other tools . We can try to exploit web server vulnerabilities using XSS or cross – scripting to run malicious code on the web server to do so we will have to use sql injection to inject sql commands through the webserver by accessing the website and deploying our code. Any users that view the code could them be infected. In this way we can find vulnerabilities and fix them at the same time this allows us to view the issues first hand but requires a knowledge of using the tools and the use of multiple programing languages .