Virtualization provides benefits like improved flexibility and availability of computing resources through lower hardware costs and increased server utilization. However, it also presents security threats. Virtualization abstracts and hides the complex characteristics of a system and can emulate the instruction set of one machine on another. But any security breach of the physical host or hypervisor could make all virtual machines vulnerable. Proper configuration and hardening of virtual machines, hypervisor, host operating system, and restrictive host access are recommended to address security issues.
Virtualization provides benefits like improved flexibility and availability of computing resources through lower hardware costs and increased server utilization. However, it also presents security threats. Virtualization abstracts and hides the complex characteristics of a system and can emulate the instruction set of one machine on another. But any security breach of the physical host or hypervisor could make all virtual machines vulnerable. Proper configuration and hardening of virtual machines, hypervisor, host operating system, and restrictive host access are recommended to address security issues.
Virtualization provides benefits like improved flexibility and availability of computing resources through lower hardware costs and increased server utilization. However, it also presents security threats. Virtualization abstracts and hides the complex characteristics of a system and can emulate the instruction set of one machine on another. But any security breach of the physical host or hypervisor could make all virtual machines vulnerable. Proper configuration and hardening of virtual machines, hypervisor, host operating system, and restrictive host access are recommended to address security issues.
Physical Computing Resources • Any kind of Computer resource can be virtualized • CPU, Memory, Storage, OS • Others: N/W Switches, Routers, services, desktop • Virtualized component only be operational if physical resources empowers it from back-end • Virtualized devices may or may not resemble the actual physical components ( quality or architecture) • 32 bits CPU be produced from 64 bits CPU
Prof. Kiran Kumari
Business Benefits • Radically improves the flexibility and availability of computing resources • Organizations can gain in business • Lower H/W cost • Improvement in server utilization • Faster provisioning of applications and resources. • Faster and easier backup and recovery of key application workloads and data • Minimized or eliminated downtime • Increased IT productivity, efficiency, agility and responsiveness.
Prof. Kiran Kumari
Abstractions • Hiding the complex characteristics of a system • Virtualization is abstraction
Prof. Kiran Kumari
Emulation • Convert the binary code of one machine to equivalent binary code of another machine • Applications running on VMs are complied for the native Instruction Set Architecture (ISA) of the host machine • OR VMM need to do the conversion(emulation) • ISA of VM is emulated to ISA of Host
Prof. Kiran Kumari
Security Threats • Single Point Host: Any security breach at the physical level may lead to a large no of system break down
• Hypervisor: Any security breach can make whole
VMs vulnerable
• Complex Configuration: Any improper
configuration will increase the probability of vulnerabilities
Prof. Kiran Kumari
Security Recommendations • Hardening VMs: Any application of VMs cant bypass the VMM
• Hardening VMM and host OS: More focus on
security of hypervisor and host OS
• Restrictive Host: prevent from all external and
unauthorized access to host • Use of separate NIC for sensitive VMs
Prof. Kiran Kumari
References • Simulation, Emulation, and Virtualization | Their Differences (With the help of Examples) https://www.youtube.com/watch?v=vxg7EgVAxr0 • Cloud computing Black Book, Kailash Jayaswal • Cloud Computing, Sandeep Bhowmik • Mastering Cloud Computing, Rajkumar Buyya