Implementing Client Virtualization and Cloud Computing

Question 1

Definition of Virtualization

Answer 1

Virtualization: Software allowing a host computer to run multiple guest operating systems known as virtual machines.

Question 2

What does a virtual platform require

Answer 2

Computer(s)
The hypervisor or Virtual Machine Monitor (VMM)
Guest operating systems or Virtual Machines (VMs)

Question 3

Give the functions of hypervisors and a description of hypervisors

Answer 3

Each VM runs in a protected space
View from inside the VM is a CPU and memory
A hard disk is an image file
Components such as network adapters are emulated
Main functions of hypervisors
Emulation
Guest OS support
Assigning resources to each guest’s OS
Configuring networking
Configuring security

Question 4

Definition of Type 2 hypervisor and examples

Answer 4

Type 2 hypervisor: A host-based hypervisor in which you install the host operating system first, then install the hypervisor.
Examples:
VMware Workstation
Oracle Virtual Box
Parallels Workstation

Question 5

Definition of Type 1 hypervisor and examples

Answer 5

Type 1 hypervisor: A bare metal hypervisor that you install directly on the server’s hardware.

Examples:
VMware ESX Server
Microsoft Hyper-V
Citrix XEN Server
Linux KVM

Question 6

Give all the points processor support and resource requirements

Answer 6

CPU with built-in instruction sets to facilitate virtualization
Intel: VT-x
AMD: AMD-v
SLAT to improve virtual memory performance
Intel: EPT
AMD: RVI
Multiple CPU resources
SMP
Multiple physical processors
Multi-core
HyperThreading
Each guest OS requires memory above that required by the host.
Each guest OS requires hard disk space for the VM image.
Most hypervisors allow guest VMs to use host adapters and peripherals.

Question 7

Give a full description of virtual networks

Answer 7

Multiple VMs can communicate with each other using standard networking protocols.
Guest OS emulates standard network adapter hardware.
Can often have multiple adapters.
Configurable just like a physical adapter.
Hypervisor implements network connectivity via virtual switches.
Function like Ethernet switches.
Implemented in software.
Connectivity between virtual adapters and virtual switches configured in the hypervisor.
Can configure connectivity between host physical NIC and virtual switches.
Provides a bridge between the host platform and physical network switches.
Allows frames to pass between:
Physical and virtual machines.
Virtual machines and the host.

Question 8

Give points to virtual machines

Answer 8

Client and Server OSs can be virtualized
Some hypervisors have limited support for certain OSs
Many purposes for deploying a virtual platform
Client-side virtualization
Deployed to desktop-type machines
Server-side virtualization

Question 9

What is client-side virtualization

Answer 9

Client-side virtualization: Any solution designed to run on desktops or workstations in which the user interacts with the virtualization host directly.

Question 10

Give examples of Virtual Machines

Answer 10

Virtual labs
Support legacy software applications
Development environment
Training

Question 11

Definition of Server-side virtualization

Answer 11

Server-side virtualization: A solution in which one or more virtual servers are created on a physical server in which each virtual server acts like it was a separate computer.

Question 12

Definition of server consolidation

Answer 12

Server consolidation: Using virtual servers, make more efficient use of system resources and hardware since most servers’ capacity is not fully utilized.

Question 13

Give the advantages of virtual machines

Answer 13

Better hardware utilization:
Typical server hardware resource utilization of 10%.
Implies 8-9 additional server instances could obtain the same performance.

Question 14

Definition of Rogue VM

Answer 14

Rogue VM: A virtual machine that has been installed without authorization.

Question 15

Definition of VM sprawl

Answer 15

VM sprawl: The uncontrolled development of more and more virtual machines.

Question 16

Give a full description of Guest OS Security

Answer 16

Each guest OS must be patched and protected against malware.
Running security software on each guest OS can cause performance issues.
Rogue VMs and VM sprawl are major security concerns.
System management software can detect rogue VMs.
VMs should conform to an application template.
Rogue developers often install backdoors and logic bombs.

Question 17

Give a full description of Host Security

Answer 17

Host Security
If the host is compromised, so is guest Oss.
Host hardware failures are a single point of failure.
High resource utilization can decrease the MTBF of components.
DOS attack on a host or hypervisor causes more damage than to a single server.
Most hypervisors support disk snapshots to revert to the saved images.
Snapshots can be misused to perform DoS attacks.

Question 18

Give a full description of Hypervisor Security

Answer 18

The hypervisor provides another attack surface
Few attacks have been detected so far
Keep hypervisor up-to-date with patches to help prevent VM escapes

Question 19

Definition of MTBF

Answer 19

MTBF: The rating on a device or component that predicts the expected time between failures.

Question 20

Definition of DoS

Answer 20

Denial of Service (DoS): A network attack that aims to disrupt a service, usually by overloading it.

Question 21

Definition of VM escaping

Answer 21

VM escaping: Malware running on a guest OS jumping to another guest or to the host.

Question 22

Definition of Cloud

Answer 22

Cloud: Any sort of IT infrastructure provided to the end user where the end user is not aware of or responsible for any details of the procurement, implementation, or management of the infrastructure.

Question 23

What is the NIST definition of cloud computing

Answer 23

NIST definition for cloud computing:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Question 24

Examples of Cloud Computing

Answer 24

On-demand self-service
Broad network access
Resource pooling
Rapid elasticity
Measured service

Question 25

Definition of Rapid elasticity

Answer 25

Rapid elasticity: The ability to scale cloud computing resources quickly to meet peak demand and just as quickly remove resources if they are not currently needed.

Question 26

Definition of measured service

Answer 26

Measured service: A provider’s ability to control and bill a customer’s use of resources such as CPU, memory, disk, and network bandwidth through metering.

Question 27

Give the benefits of Cloud Computing

Answer 27

Rapid elasticity
On-demand and pay-per-use
Measured service
Resource pooling
Flexibility

Question 28

Give all common cloud models

Answer 28

Public or multi-tenant
Hosted private
Private
Community
Hybrid

Question 29

Give a description of Internal and External Shared Resources

Answer 29

All networks share a pool of resources
File servers provide disk storage resources to clients
Shared folders
Servers use shared disk storage
SANs
A mix of virtualization and hybrid cloud solutions
Allows shared resources to be provisioned using:
Internally owned assets
Externally provisioned assets

Question 30

Definition of Iaas

Answer 30

IaaS: A cloud computing service that enables a consumer to outsource computing equipment purchases and run their own data center.

Question 31

Definition of Paas

Answer 31

PaaS: A cloud computing service that enables consumers to rent fully configured systems that are set up for specific purposes.

Question 32

Definition of SaaS

Answer 32

SaaS: A cloud computing service that enables a service provider to make applications available over the Internet.

Question 33

Definition of VDI

Answer 33

VDI: Using a VM as a means of provisioning corporate desktops

Question 34

Definition of VDE

Answer 34

VDE: The virtual desktop environment or workspace.

Question 35

Give a full description of Virtual Desktops

Answer 35

Desktop computers are replaced by low-spec, low-power thin client computers.
The thin client boots a minimal OS, allowing the user to log on to a VM stored on the company server infrastructure.
All application processing and data storage in the VDE or workspace is performed by the server.
All data is stored on the server so it is easier to back up, and the desktop VMs are easier to support and troubleshoot.
VDIs are better locked against unsecured user practices.
The main disadvantage is that in the event of a failure in the server or network infrastructure, users have no local processing ability.
Virtual NIC

Question 36

Definition of Application virtualization

Answer 36

Application virtualization: Rather than run the whole client desktop as a virtual platform, the client either accesses a particular application hosted on a server or streams the application from the server to the client for local processing.

Question 37

Definition of virtual application

Answer 37

Virtual application streaming: Just enough of an application is installed on the end-user device for the system to recognize that the application is available to the user, and when the user accesses the application, additional portions of the code are downloaded to the device.

Question 38

Give examples of Cloud-Based Applications

Answer 38

Off-site email applications
Cloud file storage
Virtual application streaming
Client platforms

Question 39

Definition of container virtualization

Answer 39

Container virtualization: Enforces resource separation at the operating system level with each user having a separate instance to run in.

Question 40

Give a full description of Cloud-Based Network Controllers

Answer 40

When using a mix of local and cloud-based resources:
Can be difficult to see the entire network from a single management and monitoring interface.
Cloud-based network controller:
Allows you to register and monitor all of the organization’s networks.
Depends on Software Defined Networking (SDN).
SDN can be used to configure network access devices through software programs and scripts.