Proxmox Virtualization Platform

Description

The Proxmox Virtualization Platform provides the logical virtualization service layer used to create, manage, and operate virtual machines within the Scheol Lab infrastructure.

It exposes management interfaces, orchestration capabilities, and resource abstraction required to operate virtualized workloads.

This platform relies on the underlying Proxmox Host infrastructure.

Asset Identification

Attribute	Value
Asset ID	PLT-VIR-01
CI Type	Platform
Asset Name	Proxmox Virtualization Platform
Asset Category	Virtualization Platform
Owner	Operations Role (Ops)
Status	Deployed
Location	Internal infrastructure
Primary Function	Provide virtualization services for infrastructure workloads

Asset Dependencies

Dependency Type	Asset	Status
Infrastructure	Proxmox Host	Active
Data	Infrastructure Configuration Data	In Progress

Relationships

Relationship	Target CI
Runs on	Proxmox Host
Supports capability	Infrastructure Automation
Supports capability	Security Monitoring & Detection
Supports capability	Identity & Access Management

Asset Classification

Criteria	Level
Confidentiality	🟨 Medium
Integrity	🟥 High
Availability	🟥 High

Criticality score: 🟥 High

Rationale:

The platform controls virtual machine lifecycle and resource allocation.
Compromise would allow manipulation of hosted workloads.

Responsibilities

Role	Responsibility
Operations Role (Ops)	Platform configuration and lifecycle management
Security Role (Sec)	Hardening, monitoring integration

Security Controls (High-Level)

Access Control - restricted administrative access
Configuration Hardening - secure hypervisor configuration
Monitoring & Logging - integration with centralized logging
Patch Management - regular updates of platform components

Security Considerations

Main risks include:

Unauthorized administrative access
Virtual machine isolation failure
Misconfiguration of resource controls

Security measures may include:

Strict access control to management interfaces
Network isolation of management plane
Integration with centralized monitoring

Methodological References:

ISO 27001 - Control 8.2 Privileged access rights ; Control 8.16 Monitoring activities ; Control 8.32 Change management.

NIST CSF - PR.AC Identity Management, Authentication and Access Control ; PR.IP Change Management ; DE.CM Continuous Monitoring.

EBIOS RM - Virtualization platforms as critical infrastructure assets.

Description​

Asset Identification​

Asset Dependencies​

Relationships​

Asset Classification​

Responsibilities​

Security Controls (High-Level)​

Security Considerations​