Implementing Client Virtualization and Cloud Computing Flashcards
Definition of Virtualization
Virtualization: Software allowing a host computer to run multiple guest operating systems known as virtual machines.
What does a virtual platform require?
Computer(s)
The hypervisor or Virtual Machine Monitor (VMM)
Guest operating systems or Virtual Machines (VMs)
Give the functions of hypervisors and a description of hypervisors
Each VM runs in a protected space
View from inside the VM is a CPU and memory
A hard disk is an image file
Components such as network adapters are emulated
Main functions of hypervisors
Emulation
Guest OS support
Assigning resources to each guest OS
Configuring networking
Configuring security
Definition of Type 2 hypervisor and examples
Type 2 hypervisor: A host-based hypervisor in which you install the host operating system first, then install the hypervisor.
Examples:
VMware Workstation
Oracle VirtualBox
Parallels Workstation
Definition of Type 1 hypervisor and examples
Type 1 hypervisor: A bare metal hypervisor that you install directly on the server’s hardware.
Examples:
VMware ESX Server
Microsoft Hyper-V
Citrix XenServer
Linux KVM
Give all the points on processor support and resource requirements
CPU with built-in instruction sets to facilitate virtualization
Intel: VT-x
AMD: AMD-V
SLAT to improve virtual memory performance
Intel: EPT
AMD: RVI
Multiple CPU resources
SMP
Multiple physical processors
Multi-core
Hyper-Threading
Each guest OS requires memory above that required by the host.
Each guest OS requires hard disk space for the VM image.
Most hypervisors allow guest VMs to use host adapters and peripherals.
Give a full description of virtual networks
Multiple VMs can communicate with each other using standard networking protocols.
Guest OS emulates standard network adapter hardware.
Can often have multiple adapters.
Configurable just like a physical adapter.
Hypervisor implements network connectivity via virtual switches.
Function like Ethernet switches.
Implemented in software.
Connectivity between virtual adapters and virtual switches configured in the hypervisor.
Can configure connectivity between host physical NIC and virtual switches.
Provides a bridge between the host platform and physical network switches.
Allows frames to pass between:
Physical and virtual machines.
Virtual machines and the host.
Give points on virtual machines
Client and Server OSs can be virtualized
Some hypervisors have limited support for certain OSs
Many purposes for deploying a virtual platform
Client-side virtualization
Deployed to desktop-type machines
Server-side virtualization
What is client-side virtualization?
Client-side virtualization: Any solution designed to run on desktops or workstations in which the user interacts with the virtualization host directly.
Give examples of Virtual Machines
Virtual labs
Support legacy software applications
Development environment
Training
Definition of Server-side virtualization
Server-side virtualization: A solution in which one or more virtual servers are created on a physical server in which each virtual server acts like it was a separate computer.
Definition of server consolidation
Server consolidation: Using virtual servers to make more efficient use of system resources and hardware, since most servers’ capacity is not fully utilized.
Give the advantages of virtual machines
Better hardware utilization:
Typical server hardware resource utilization of 10%.
Implies 8-9 additional server instances could obtain the same performance.
Definition of Rogue VM
Rogue VM: A virtual machine that has been installed without authorization.
Definition of VM sprawl
VM sprawl: The uncontrolled development of more and more virtual machines.
Give a full description of Guest OS Security
Each guest OS must be patched and protected against malware.
Running security software on each guest OS can cause performance issues.
Rogue VMs and VM sprawl are major security concerns.
System management software can detect rogue VMs.
VMs should conform to an application template.
Rogue developers often install backdoors and logic bombs.
Give a full description of Host Security
Host Security
If the host is compromised, so are the guest OSs.
Host hardware failures are a single point of failure.
High resource utilization can decrease the MTBF of components.
A DoS attack on a host or hypervisor causes more damage than one on a single server.
Most hypervisors support disk snapshots to revert to the saved images.
Snapshots can be misused to perform DoS attacks.
Give a full description of Hypervisor Security
The hypervisor provides another attack surface
Few attacks have been detected so far
Keep hypervisor up-to-date with patches to help prevent VM escapes
Definition of MTBF
MTBF: The rating on a device or component that predicts the expected time between failures.
Definition of DoS
Denial of Service (DoS): A network attack that aims to disrupt a service, usually by overloading it.
Definition of VM escaping
VM escaping: Malware running on a guest OS jumping to another guest or to the host.
Definition of Cloud
Cloud: Any sort of IT infrastructure provided to the end user where the end user is not aware of or responsible for any details of the procurement, implementation, or management of the infrastructure.
What is the NIST definition of cloud computing?
NIST definition for cloud computing:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Examples of Cloud Computing
On-demand self-service
Broad network access
Resource pooling
Rapid elasticity
Measured service
Definition of Rapid elasticity
Rapid elasticity: The ability to scale cloud computing resources quickly to meet peak demand and just as quickly remove resources if they are not currently needed.
Definition of measured service
Measured service: A provider’s ability to control and bill a customer’s use of resources such as CPU, memory, disk, and network bandwidth through metering.
Give the benefits of Cloud Computing
Rapid elasticity
On-demand and pay-per-use
Measured service
Resource pooling
Flexibility
Give all common cloud models
Public or multi-tenant
Hosted private
Private
Community
Hybrid
Give a description of Internal and External Shared Resources
All networks share a pool of resources
File servers provide disk storage resources to clients
Shared folders
Servers use shared disk storage
SANs
A mix of virtualization and hybrid cloud solutions
Allows shared resources to be provisioned using:
Internally owned assets
Externally provisioned assets
Definition of IaaS
IaaS: A cloud computing service that enables a consumer to outsource computing equipment purchases and run their own data center.
Definition of PaaS
PaaS: A cloud computing service that enables consumers to rent fully configured systems that are set up for specific purposes.
Definition of SaaS
SaaS: A cloud computing service that enables a service provider to make applications available over the Internet.
Definition of VDI
VDI: Using a VM as a means of provisioning corporate desktops.
Definition of VDE
VDE: The virtual desktop environment or workspace.
Give a full description of Virtual Desktops
Desktop computers are replaced by low-spec, low-power thin client computers.
The thin client boots a minimal OS, allowing the user to log on to a VM stored on the company server infrastructure.
All application processing and data storage in the VDE or workspace is performed by the server.
All data is stored on the server so it is easier to back up, and the desktop VMs are easier to support and troubleshoot.
VDIs are better locked against unsecured user practices.
The main disadvantage is that in the event of a failure in the server or network infrastructure, users have no local processing ability.
Virtual NIC
Definition of Application virtualization
Application virtualization: Rather than run the whole client desktop as a virtual platform, the client either accesses a particular application hosted on a server or streams the application from the server to the client for local processing.
Definition of virtual application
Virtual application streaming: Just enough of an application is installed on the end-user device for the system to recognize that the application is available to the user, and when the user accesses the application, additional portions of the code are downloaded to the device.
Give examples of Cloud-Based Applications
Off-site email applications
Cloud file storage
Virtual application streaming
Client platforms
Definition of container virtualization
Container virtualization: Enforces resource separation at the operating system level with each user having a separate instance to run in.
Give a full description of Cloud-Based Network Controllers
When using a mix of local and cloud-based resources:
Can be difficult to see the entire network from a single management and monitoring interface.
Cloud-based network controller:
Allows you to register and monitor all of the organization’s networks.
Depends on Software Defined Networking (SDN).
SDN can be used to configure network access devices through software programs and scripts.