Alright so by now you should be aware of the basics of confidentiality, availability and integrity. You should also have a firm grasp of risk management controls.
So today we're going to dive into virtualization.
Here's what we're going to get into:
This is probably one of my favorite topics to get into so let me now waste any more time. Let's go!
So what do we mean by "virtualization"?
The first time I heard of the term I couldn't stop thinking of virtual reality headsets. I imagined IT engineers sitting in a server room with crazy VR helmets strapped to their heads. I know it's a crazy thought haha but hey - what can I say?
When we talk about virtualization it actually has nothing to do with VR helmets.
Virtualization just means we can have one or more operating systems running concurrently on a single physical computer.
In order for this to happen there are several technologies at work.
First you have the hypervisor.
The hypervisor is the software that manages all the VMs. Some well known hypervisors are:
There are two types of hypervisors conveniently named Type 1 and Type 2 hypervisors.
The Type 1 hypervisors (also known as bare-metal hypervisors) are friggin awesome because they don't need to run within an operating system. You see, the problem here is that VMWare Workstation, Oracle VirtualBox and Microsoft Hyper-V are Type 1 hypervisors. This means they run on top of an operating system.
In order to run VMWare Workstation I need to install Windows.
And then I need to install VMWare Workstation inside Windows.
And then inside VMWare workstation, I install a bunch of VMs running "virtual" versions of Linux, Windows and whatever else I want. But this isn't nearly as fast, from a performance perspective, as just running the hypervisor without the operating system middle man.
That's what a Type 1 hypervisor is. VMWare ESXi is a great example of this and it's an awesome product. We might look into that later depending on what kind of mood I'm in hahaa.
Okay so let's talk a little bit about hosts and guests.
The physical machine running the hypervisor is known as the host because it is hosting the hypervisor software. As you can probably imagine, this host machine has to be pretty beefy to support all the running VMs (also known as guest machines)
The host typically has ample hard drive space, ideally running on a solid state drive (SSD). It usually has super fast network interface cards (NICs), plenty of CPU processing power and tons of super fast random access memory (RAM).
So why would anyone do this with all the high-end requirements?
The major advantage of virtualization is simple: cost.
From a business perspective, it's more economical to purchase one beefy machine and run 10 guest operating systems on it than it is to purchase 10 physical machines with the same specifications.
One of the reasons for this is that a business owner only has to pay for cooling and electricity for one physical machine, not 10. In addition, since all the guest machines are virtual they take up zero physical space which is a huge plus for small data centers and server closets.
The other big benefit of virtualization is scalability.
Scalability means the computing resources can be adjusted on demand.
So if you have a beefy VM host with 10 guest VM web servers, and one of those web servers starts crawling because a script kiddie in Russia launched a distributed denial of service (DDoS) attack against the server, you can dynamically increase the amount of memory needed by that server.
You can even configure the hypervisor to do this automatically adjust resources on the fly. And it can automatically relinquish computing resources so when the attack subsides, other VMs on the physical host can jump in and use resources as needed.
How cool is that?
Elasticity is similar to scalability. I like to think of it like a heavy duty rubber band that stretches and flexes under stress.
So, for example, imagine have have a cluster of 12 physical servers all performing the same task. Maybe these servers busy balancing the load against a critical database that processes billions of payments per hour (man i would love to own that server haha)
Lets say that most of time all the servers are at 30% capacity. So 70% of physical resources are just being wasted. The servers have the ability to do more work but they aren't being utilized efficiently right?
In this situation we could probably convert 4 of the physical servers to virtual hosts. And each host could be running 3 virtualized versions of the physical host. In other words, you could have 4 of your 12 physical hosts, supporting 3 VMs each. That would give you 12 total servers. Then you could take the remaining 8 physical hosts and sell them back to vendor to get your money back with suffering a performance hit!
That's the advantage of virtualization. It's all about cost baby.
Another advantage of virtualization are snapshots.
I used to do a lot of malware analysis at my last job. I spent a lot of time reverse engineering trojans, backdoors and ransomware. It was super fun but also dangerous.
Because it was very easy to accidentally infect my computer!
If you infect a Windows machine what's the next step?
Format, Fdisk, Reinstall, do dah... do dah...
Yeah, you better get up and do the dance because it's going to take you forever to finish. But with snapshots, I can simply take a picture of the complete state of my VM BEFORE I infect it. Then If I goober something up, all I need to do is restore the snapshot. It literally take seconds to do this (partially because I have a solid state drive)
But it's really awesome and makes it really easy to back out of disaster. It gives you more confidence to work and try new things and saves a ton of time.
The last big advantage of virtualization is that the entire virtual computer is expressed as a small collection of files.
So moving a computer from one place to the next is simply a matter of copying and pasting files. And restoring a bad VM is just a matter of restoring a few backup files.
Alright, so I think that's enough for this article.
Next week we'll dig into:
I mean it's not all good! There are some cons - so we'll talk about those next time.
In the meantime, sign-up and join our newsletter so we can get you tons of free resources, tips and labs to really help you make this stuff stick. I've got tons of videos and tutorials that we send our subscribers that we don't publish on the main site...
So you don't want to miss out on that.
Anyway - that's all for now - I'll see you next week. Remember if you have any questions feel free to leave a comment below.
Join our FREE mailing list to get FREE Security+ training online. You'll get tons of Security+ videos, braindump PDFs, lab simulations and more.
Pop in your first name and best email address and we'll send you:
The latest updates on the CompTIA Security+ SY0-501 exam
Proven tips and tricks for passing the exam
Hands on video labs with complete step-by-step walk-throughs
And don't forget to refresh your inbox. You should see us there in about 3 minutes.