Security Architecture: Virtualization Concept Flashcards
What is Virtualization?
In virtualization, software simulates hardware functionality to create a virtual computer system, which enables you to use one server to run multiple virtual systems, operating systems, and applications. It becomes more important with every passing year, and it is a critical technology that has enabled cloud computing. There are many forms, including:
Server virtualization
Network virtualization
Storage virtualization
Desktop virtualization
Virtualization can increase the complexity of security requirements. For example, in the case of a virtual machine (VM), we need to be concerned about securing the VM operating system (OS) and the hypervisor software that makes the VM possible.
What are containers?
Containers (container virtualization) enable the operation of multiple operating systems inside a single instance, and they're the evolution of the VM concept. A container consists of an entire runtime environment bundled into one package, including all of the application's:
Dependencies
Libraries
Configuration files
Binaries that are required for the application to run
How can you manage containers?
You typically manage containers using software such as Kubernetes. Such packages are responsible for scheduling and securing container deployments.
How are containers structured?
Typically, containers are multiple VMs, each running a specific task such as a web service or email. Building VMs that each have a guest operating system inside them leaves that operating system underutilized (Microsoft), so they maximized it by putting it in containers and used less operating power.
Microservice friendly
A management platform for these containers is used to apply security, and it provides redundancy and resiliency for this process. Examples include:
Kubernetes
Docker Swarm
Red Hat OpenShift service
AWS container service
What security considerations do we need to look for in containers?
We will need to consider the shared security responsibility (ACL applied) through subnets (NAC), and police traffic in and out of the VM.