This post is an introduction to system virtualization.
It is part of a series of articles about virtualization.
Description of System Virtualization
System virtualization implies that a system (such as an operating system) is virtualized. Because it was the first virtualization type to appear, it is often just referred to as virtualization.
System virtualization is the act of creating a virtual (rather than actual) version of physical hardware, including servers, storage devices, and computer network resources.
Virtualization allows multiple virtual machines (VMs) to run on a single physical machine, each with its own operating system and applications. This enables better resource utilization, scalability, and flexibility in IT environments.
System virtualization is achieved through the use of hypervisors.
Hypervisors
A hypervisor is similar to an emulator; it is computer software, firmware or hardware that creates and runs virtual machines to run virtual systems.
Virtualization types:
- Type 1 hypervisor
- Type 2 hypervisor
In a type 1 hypervisor, or bare-metal hypervisor, the hypervisor runs directly on the physical hardware.
In a type 2 hypervisor, or hosted hypervisor, a host operating system runs on the physical hardware and contains the hypervisor and other applications.
A cloud service provider (CSP) would usually use a type 1 hypervisor, while an end user would usually use a type 2 hypervisor.
Hypervisor Platform Products
You can find examples of hypervisor platform products in this post.
System Virtualization Security
It is very important to maintain VM isolation.
The hypervisor must be kept updated to avoid vulnerabilities.
A VM escape attack means that the attacker is able to break out of the virtualized guest operating system.
VM sprawl happens when there are unused VMs.
Virtualization on Endpoint Devices
Questions:
- If USB is disabled, is USB in the VM also disabled?
- Are network devices visible from the VM OS?
- Is there any way to block communication from the host OS to the VM OS? (avoid shared folders or functionality like VMware’s Host Guest File System (HGFS))
System Virtualization Security Tools
RVTools
RVTools is a solution to assess VMware virtual machines.
It is proprietary freeware.
It was originally developed by Rob de Veij and then acquired by Dell Technologies in 2023.