Containers alone are inadequate security boundaries. A compromised workload on a container can compromise the host operating system and all other workloads running on that host operating system.

According to the NIST Application Container Security Guide, also known as NIST Special Publication 800-190, containers do not provide a concrete security boundary as a VM. Because containers share the same kernel and can be run with varying capabilities and privileges on a host, the degree of segmentation between them is far less than that provided to VMs by a hypervisor.

To establish a strong security barrier for containers, VMware typically runs containers on VMs. Deploying containers with VMs encases an application with a layer of strong isolation. This approach is suitable to cloud-style environments with multitenancy and multiple workloads. Major cloud providers such as Google and Amazon Web Services (AWS) typically isolate the container workloads of tenants by using separate VMs.

Containers or the operating system of a physical host can be easily misconfigured, increasing the attack surface and the level of risk. According to the NIST Application Container Security Guide, "Carelessly configured environments can cause containers to interact with each other and the host easily and directly than multiple VMs on the same host."

The abstraction, automation, and isolation of an operating system running on a VM in a hypervisor reduces the attack surface, adds layers of protection against lateral movement, and decreases the risk of a security breach.

Leveraging security innovations

Running containers on VMs also lets you leverage security innovations in virtualization technology. For example, the Secure Encrypted Virtualization (SEV) technology integrates memory encryption with AMD-Virtualization to support encrypted VMs that are ideal for multi-tenant environments.

SEV with Encrypted State (SEV-ES) provides a smaller attack surface and additional protection for a guest VM from the hypervisor even if the hypervisor is compromised. SEV-ES blocks attacks by encrypting and protecting all CPU register contents when a VM stops running to prevent the leakage of information in CPU registers to the hypervisor. SEV-ES can detect and prevent malicious modifications to the CPU register state.

For more information about how VMs establish strong security boundaries for containers, see Containerized Network Functions on VMs or Bare Metal.


According to the Security Analysis for the UK Telecom Sector: Summary of Findings (National Cyber Security Centre, January 2020), "While network virtualization presents risks, it also allows advanced and flexible network protections. Thus, a well-built virtualized network is more secure and resilient than the network built on dedicated hardware."