Virtual Machines and The Cloud

Cloud-based services have grown to monopolize some segments of the tech field. In many cases, it is simply more economically feasible to go to companies like Amazon and make use of their distributed computational infrastructure than to purchase and run servers on location. Here we will look at some of the options available, and at which parts of an enterprise can be virtualized.

Virtualization involves the use of what are called VMs or Virtual Machines. A hypervisor program such as VMware or VirtualBox allows the real-time simulation of various operating systems, from Linux, Mac, and Windows to less well-known operating systems such as those used for routers and on Cisco devices. In many cases, companies choose to use virtual machines instead of physical hardware to handle high-traffic scenarios more cheaply and efficiently.

Virtual machines can be run either on a “bare-metal” hypervisor, meaning one that sits directly on the hardware and below any other operating system, or in the previously mentioned hypervisor programs, which run on top of a host operating system. Both are capable of managing multiple virtual machines on one physical machine so long as the computational power and memory exist to do so. These are known respectively as Type 1 and Type 2 hypervisors.

Type 1/bare-metal hypervisors have no underlying OS or device drivers to contend with for resources, and are generally regarded as the most efficient form of hypervisor with the best performance. Some examples are VMware ESXi, Microsoft Hyper-V Server and the open-source KVM. These hypervisors are also highly secure. The kinds of vulnerabilities intrinsic to Type 2 hypervisors are absent from bare-metal solutions, because the attack surface that comes from running on the underlying OS of the physical machine is removed. This provides for the logical isolation of Type 1 hypervisors against attack.

Type-2 hypervisors have an unavoidable latency because all their work must pass through the host’s OS. Any security flaws in the OS (of which Windows in particular has many) could potentially compromise all VMs running above it. Because of this, Type-2 hypervisors are typically not used for data centers, instead being used more on end-user systems and in situations where performance and security are not as great a concern. These hypervisors are often used by developers to test products before release.

Both types use something called “hardware acceleration” to different degrees, though Type-2 hypervisors can fall back on software emulation if the native hardware is not supported on the computer. Hardware acceleration includes Intel Virtualization Technology extensions and AMD extensions for those CPU types.
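
As an added example (not part of the original article), the Python code below shows how the hardware-acceleration point above can be checked on a Linux host: the kernel lists the flag vmx for Intel's extensions (VT-x) or svm for AMD's (AMD-V) in /proc/cpuinfo, and exposes /dev/kvm when KVM is available. The function names and the two sample inputs are constructed for illustration.

```python
import os

# CPU flag in /proc/cpuinfo -> the vendor extension it advertises.
HW_VIRT_FLAGS = {"vmx": "Intel VT-x", "svm": "AMD-V"}

# Constructed sample inputs (trimmed), not captured from real machines.
SAMPLE_BARE_METAL = "vendor_id : GenuineIntel\nflags : fpu vme de pse msr pae vmx sse sse2\n"
SAMPLE_GUEST = "vendor_id : AuthenticAMD\nflags : fpu vme de pse msr pae sse sse2 hypervisor\n"


def cpu_flags(cpuinfo_text):
    """Return the flag set from the first 'flags' line of cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            return set(value.split())
    return set()


def virt_report(cpuinfo_text, kvm_device_present):
    """Classify how a hypervisor on this host could run its guests."""
    flags = cpu_flags(cpuinfo_text)
    extension = next((n for f, n in HW_VIRT_FLAGS.items() if f in flags), None)
    # The 'hypervisor' flag means this OS is itself running inside a VM.
    is_guest = "hypervisor" in flags
    if extension and kvm_device_present:
        mode = "hardware-accelerated (KVM available)"
    elif extension:
        mode = "extension advertised, /dev/kvm missing"
    elif is_guest:
        mode = "software emulation only (no nested virtualization exposed)"
    else:
        mode = "software emulation only"
    return {"extension": extension, "is_guest": is_guest, "mode": mode}


if __name__ == "__main__":
    print("sample bare metal:", virt_report(SAMPLE_BARE_METAL, True))
    print("sample guest:     ", virt_report(SAMPLE_GUEST, False))
    if os.path.exists("/proc/cpuinfo"):  # Linux only
        with open("/proc/cpuinfo") as fh:
            print("this host:        ", virt_report(fh.read(), os.path.exists("/dev/kvm")))
```

A host that reports "software emulation only" is the case in which a Type-2 hypervisor falls back on emulating the guest CPU in software.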

The appeal of virtual machines is obvious. Whereas in the past it was necessary to have a physical infrastructure of servers to support even relatively basic enterprises, companies can now choose to subscribe to a service dedicated to hosting this storage and processing power off-site. Virtual machines move this infrastructure into a logical space and reduce the attack surface and costs associated with having a sprawling network of machines on-site. Firewalls are often virtualized today, as are the resources responsible for single sign-on for end users and user authentication.


