A virtual image is an instance of an operating system, which shares system resources such as CPU time, memory and the file system to simulate a computer. At the heart of the operating system lies a component called the HAL (Hardware Abstraction Layer), which converts CPU instructions into meaningful operating system calls that are then used by the higher-level application layers. Virtualization is a software layer that runs alongside the HAL and the operating system to allow the creation of machine instances called guest systems. Guest systems simulate a computer and are capable of running any operating system, such as Windows or Linux.
On a powerful machine, multiple guest operating systems can run in parallel. This is similar to an operating system running several applications in multitasking mode; the difference is that, in this case, several operating systems run using a shared CPU model in a multithreading mode.
We have written about using virtual machines, and VMware specifically, for QA before, and we are generally big fans of them. However, there are some security and networking issues that you should be aware of if you are planning on using virtual machines in your IT environment.
- Hypervisor Security: The hypervisor is the layer between the physical hardware and the operating system. It is bound to have vulnerabilities that can directly impact security. If the hypervisor is hacked, the security of the entire host system is at risk, and this can cause security issues for the entire organization.
- Guest OS Security: Most of the time antivirus software is not installed on the guest OS, and this can provide an entry point for a virus into your IT environment. It is extremely difficult to detect the machine which caused the issue.
- Networking Security Issues: TCP/IP communication between a VM and the host can't be sniffed by intrusion detection systems if the communication is host-only. So IDS systems fail to detect vulnerabilities and exploits happening within virtual machines.
- Host External Communication Security: In certain cases the firewall on the host is disabled because the VMs require some port to be opened. This causes severe security threats for the host.
- Very High Bandwidth Utilization: VMs are operating systems. Windows and Linux try to update their software from the Internet, and this causes N * update size of bandwidth usage in the enterprise. In situations where the VMs are restored from original images, the updates happen again, causing huge network bandwidth utilization in the enterprise.
- High DHCP Address Usage: When VMs are used in bridge mode, they consume DHCP addresses from the enterprise router. Many times VMs are shut down within a short time of bringing them up. But since the DHCP server keeps the lease for 8 hours, this causes high DHCP address consumption.
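
An added example, not part of the original article: a short Python audit of VMware `.vmx` settings that flags the two network modes named in the list above, host-only (the IDS blind spot) and bridged (DHCP address consumption). The sample configuration is constructed, and treating a NIC with no `connectionType` as bridged is an assumption.

```python
import re

# Matches lines such as: ethernet0.connectionType = "hostonly"
_NIC_LINE = re.compile(r'^\s*(ethernet\d+)\.(\w+)\s*=\s*"([^"]*)"\s*$', re.IGNORECASE)

# Findings tied to the list items above.
_FINDINGS = {
    "hostonly": "host-only traffic never reaches a network IDS sensor",
    "bridged": "takes a DHCP lease from the enterprise pool on each boot",
}

def audit_vmx(text):
    """Return (nic, mode, finding) tuples for each enabled virtual NIC."""
    nics = {}
    for line in text.splitlines():
        m = _NIC_LINE.match(line)
        if m:
            nic, key, value = m.group(1).lower(), m.group(2).lower(), m.group(3)
            nics.setdefault(nic, {})[key] = value
    results = []
    for nic in sorted(nics):
        props = nics[nic]
        if props.get("present", "FALSE").upper() != "TRUE":
            continue  # adapter is defined but not attached to the VM
        # Assumption: a NIC without connectionType is treated as bridged.
        mode = props.get("connectiontype", "bridged").lower()
        results.append((nic, mode, _FINDINGS.get(mode, "no finding from this list")))
    return results

# Constructed sample, not taken from a real VM.
SAMPLE_VMX = '''
displayName = "qa-win-01"
ethernet0.present = "TRUE"
ethernet0.connectionType = "hostonly"
ethernet1.present = "TRUE"
ethernet1.virtualDev = "e1000"
ethernet2.present = "FALSE"
ethernet2.connectionType = "nat"
ethernet3.present = "TRUE"
ethernet3.connectionType = "nat"
'''

if __name__ == "__main__":
    for nic, mode, finding in audit_vmx(SAMPLE_VMX):
        print(f"{nic}: {mode}: {finding}")
```

Run over every VM definition on a host, the output gives an inventory of which guests need host-based monitoring and which ones draw on the DHCP pool.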