Professor Messer - client-side virtualization Flashcards
_ is
• One computer, many operating systems
• Mac OS X, Windows 7, Linux Ubuntu, all at the same time!
• Separate OS, independent CPU, memory, network, etc.
• But really one computer
• Host-based virtualization
• Your normal desktop plus others
• Standalone server that hosts virtual machines
• Enterprise-level
• Been around since 1967
• IBM mainframe virtualization
Virtualization
The _ is Virtual Machine Manager
• Manages the virtual platform and guest operating systems
• May require a CPU that supports virtualization
• Can improve performance
• Hardware management
• CPU
• Networking
• Security
hypervisor
Resource requirements for __ are
• CPU Processor Support
• Intel: Virtualization Technology (VT)
• AMD: AMD-V
• Memory
• Above and beyond host OS requirements
• Disk space
• Each guest OS has its own image
• Network
• Configurable on each guest OS (standalone, NAT, bridged, etc.)
• Virtual switch
Virtualization
_ is
a native operating system
• Performing native OS processes
• This is identical to using a non-virtual system
Virtualization
_ is one device running processes designed for a completely different architecture
• One device is pretending to be another
• Original code is used
• Code is interpreted for running on the current hardware
• This is commonly slower than running natively
• Not easy to do
Emulation
__ is
• A sweet spot for the bad guys
• No significant vulnerabilities yet
• VM escaping
• Malware recognizes it’s on a virtual machine
• Malware compromises the hypervisor
• Malware jumps from one guest OS to another
• Many hosted services are virtual environments
• Malware on one customer’s server can gather information from another
hypervisor security
_ is
• Every guest is self-contained - Like a real computer
• Use traditional security controls
• Host-based firewall - Anti-virus, anti-spyware
• Watch out for rogue virtual machines (VMs)
• The bad guys try to install their own system
• You’re in big trouble
• Self-contained VMs provided by 3rd parties can be dangerous
• You have no idea what’s running on there
guest operating system security
_ of client side virtualization
• Most client-side virtual machine managers have their own virtual (internal) networks
• Shared network address
• The virtual machine shares the same IP address as the physical host
• Uses a private IP address internally
• Uses NAT to convert to the physical host IP
• Bridged network address
• The VM is a device on the physical network
• Private address
• The VM does not communicate outside of the virtual network
Network requirements