Protecting a VM that is exposed to the internet or compromised
By default, the environment is protected from the public Internet via a firewall in Skytap. You can expose the VM to the public Internet by attaching a published service, static public IP address, or Skytap-managed DNS name to the VM.
For more information, see Exposing an Environment to the Public Internet.
If the VM is exposed to the public Internet, use these recommendations to further secure it.
Contents
Securing VMs exposed to the public internet
Before you expose a VM to the public internet:
- Install anti-malware and anti-virus software on the VM.
-
Ensure all of the VM operating system updates and patches have been applied.
For most Windows Operating Systems, open a browser and navigate to http://www.update.microsoft.com/.
-
Use a firewall for the VM OS.
Make sure the guest OS firewall is running and correctly configured. You can configure a firewall to allow certain ports or programs through.
-
Use strong, unique passwords for all accounts.
Passwords should include multiple letter, number, and special character combinations.
-
Limit access to user accounts, rather than admin or root accounts.
Create separate user accounts on the operating system with unique passwords for each user. These steps reduce your exposure to malware that uses administrative privileges to execute.
-
Use a password-protected screen saver on the VM.
- If you allow SSH access to the VM, use public key authentication instead of passwords.
Steps to take If a VM is infected
If a VM is infected, Skytap Support may notify you and require you to remediate the VM before you can continue to use it.
- Scan the VM with anti-virus and anti-malware software, and make sure that any infections are quarantined and removed. Skytap doesn’t support or recommend any particular anti-virus software, but several free options are available.
- Change the passwords for all accounts on the VM.
- If you’re unable to disinfect the VM, you can restore the VM from a template and then follow the recommendations to secure the VM from future infections.