To be completely open, this is *not* a question about XCP-ng vs Proxmox. I'm open to doing everything in the CLI; comparing two platforms is not my intention here.

I'm very interested in the security benefits one has over the other though. AFAIK Xen has a dedicated for security? I'd like to think that both are reasonably secure by default, but I do not get many hits for "KVM hardening", for example, only OS-level hardening advice.

Do both protect equally against attacks that try to escape the VM? Is there anything in terms of security that one has and the other doesn't?

I know this is not the usual kind of question that is asked on this sub; any help is greatly appreciated!

Xen is a true microkernel, so it has a lower risk surface overall, less trust in drivers/architecture.

