Enseva Azure Cloud and Meltdown
By Chris SeveyBlog, In The NewsMeltdown is a hardware vulnerability affecting Intel x86 microprocessors and some ARM-based microprocessors. It allows a rogue process to read any kernel memory, even when it is not authorized to do so. You may read more about the issue here: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
Enseva’s Azure infrastructure has already been updated to address this vulnerability. Enseva’s architecture allows for customer instances (including compute, memory and storage) to be live migrated between physical infrastructure without impacting service availability. This capability was leveraged to patch and update our Azure environment with limited impact to customer systems.
Due to some of the changes in operating systems required to mitigate Meltdown, negative performance impacts may be observed by some clients. Specifically services and activities that are heavily tied to kernel functions. To help keep this impact to a minimum, Enseva has deployed additional compute resources and distributed client load among a larger number of servers until chip manufacturers and operating system developers have an opportunity to address the performance impacts. It is our expectation that clients should only see a minimal performance impact.
The Enseva Azure updates address a vulnerability at the hypervisor level and does not require an update to your Windows or Linux virtual machine instances. However, as always, you should continue to apply security best practices throughout your environment.