Cloud and Virtualization, Basics of Virtualization, Types, Benefits
22 Jul 2024
Virtualization lets users decouple operating systems from the underlying
hardware, i.e., users can run multiple operating systems, such as Windows and Linux, on
a single physical machine at the same time. Such operating systems are known as
guest OSes (operating systems).
Virtualization deploys software that creates an abstraction layer over computer
hardware, letting the hardware components of a particular computer, such as processors,
memory and storage, be segmented into several virtual elements (also known as
virtual machines).
• Virtual Machine (VM): It is a virtual computer that executes under a
hypervisor.
• Hypervisor: It is an operating system running on the actual
hardware; the virtual counterpart is a subpart of this operating system
in the form of a running process. Hypervisors are referred to as Domain
0 or Dom0.
• Container: Lightweight VMs that are part of the same
operating system instance as their hypervisor are known as containers.
They are a group of processes that run with their own
namespace for process identifiers.
• Virtual Network: It is a logically separated network inside the servers
that can be extended across multiple servers.
• Virtualization Software: Whether it is a piece of a software application
package, an operating system, or a specific version of that operating
system, this is the software that assists in deploying virtualization
on a computer device.
In the context of cloud computing, virtualization is a technique that creates a virtual
ecosystem of storage devices and the server OS.
• Cloud virtualization transforms traditional computing methods so
that workload management is more efficient, economical and
scalable.
• In that case, virtualization enables users to use various machines that
share one particular physical instance of any resource.
• Virtualization is being integrated into cloud computing swiftly and is
advancing the conventional course of computing; for example, virtualization
helps share applications across a network of
several enterprises and active users.
Characteristics of Virtualization
Isolation: Virtualization software provides self-contained virtual machines. These VMs
give guest users (not an individual, but a number of instances such as applications,
operating systems, and devices) an isolated online, virtual environment. This online
environment not only protects sensitive information but also allows guest users to
remain connected.
Resource Distribution: Whether on a single computer or a network of connected
servers, virtualization allows users to create a unique computing environment from one
host machine, which lets them restrict the participants to active users, scale down
power consumption and simplify control.
Availability: Virtualization software provides a number of features that users
won’t get on physical servers. These features help increase uptime,
availability, fault tolerance, and more. They help users avoid
downtime, which undermines users’ efficiency and productivity and also creates
security threats and safety hazards.
Authenticity and security: Virtualization platforms readily ensure continuous
uptime by automatically balancing load, running an excessive number of servers
across multiple host machines in order to prevent service interruptions.
Aggregation: Since virtualization allows several devices to share resources from a
single machine, it can also be deployed to join multiple devices into a single powerful host.
In addition, aggregation requires cluster management software in
order to connect a homogeneous group of computers or servers into
a unified resource center.
Types:
Network Virtualization:
The ability to run multiple virtual networks, each with a separate control and data
plane. They co-exist on top of one physical network and can be managed by
individual parties that are potentially confidential to each other.
Network virtualization provides a facility to create and provision virtual networks, with logical
switches, routers, firewalls, load balancers, Virtual Private Network (VPN), and
workload security, within days or even weeks.
Application Virtualization:
Application virtualization gives a user remote access to an application from a
server. The server stores all personal information and other characteristics of the
application, but the application can still run on a local workstation through the internet. An example of this
would be a user who needs to run two different versions of the same software.
Technologies that use application virtualization are hosted applications and packaged
applications.
Desktop Virtualization:
Desktop virtualization allows the users’ OS to be stored remotely on a server in the
data centre. It allows users to access their desktop virtually, from any location, using a
different machine. Users who want specific operating systems other than Windows
Server will need to have a virtual desktop. The main benefits of desktop virtualization are
user mobility, portability, and easy management of software installation, updates, and
patches.
Server Virtualization:
This is a kind of virtualization in which server resources are masked. Here,
the central server (physical server) is divided into multiple different virtual servers by
changing the identity number and processors, so each system can run its own
operating system in an isolated manner, while each sub-server knows the identity of the
central server. It increases performance and reduces operating
cost by deploying main server resources as sub-server resources. It is
beneficial for virtual migration, reducing energy consumption, reducing infrastructure cost,
etc.
Storage Virtualization:
Storage virtualization is an array of servers that are managed by a virtual storage
system. The servers aren’t aware of exactly where their data is stored, and instead
function more like worker bees in a hive. It allows storage from multiple
sources to be managed and utilized as a single repository. Storage virtualization
software maintains smooth operations, consistent performance and a continuous suite
of advanced functions despite changes, breakdowns and differences in the underlying
equipment.
Data virtualization:
This is the kind of virtualization in which data is collected from various sources and
managed in a single place, without the consumer needing to know technical details
such as how the data is collected, stored and formatted. The data is then arranged logically so that
a virtual view of it can be accessed remotely by interested people, stakeholders and users
through various cloud services. Many large companies, such as
Oracle, IBM, AtScale and CData, provide such services.
Benefits
Hassle-free data transfers
Another benefit of virtualization in cloud computing is expedited data transfer. You can
easily transfer data from physical storage to a virtual server, and vice versa.
Virtualization in cloud computing can also handle long-distance data transfers.
Administrators don’t have to waste time digging through hard drives to find data.
Instead, dedicated server and cloud storage space allow you to easily locate required
files and transfer them appropriately.
Protection from system failures
No matter how careful you are with the technology you use, technology in general can
sometimes be prone to system issues. Businesses can handle a few glitches, but if
your developer is working on an important application that needs to be finished
immediately, the last thing you need is a system crash.
One advantage of virtualization in cloud computing is the automatic backup that takes
place across multiple devices. By storing all your backup data through virtualized cloud
services or networks, you can easily access files from any device. This multi-layered
access prevents you from losing any files, even if one system goes down for a time.
Firewall and security support
Security remains a central focus in the IT space. Through virtual firewalls, made
possible through computer virtualization, you can restrict access to your data at much
lower costs compared to traditional data protection methods. Virtualization earns you
protection from many potential cybersecurity issues, through a virtual switch that
protects your data and applications from harmful malware, viruses and other threats.
Firewall features for network virtualization allow you to create segments within the
system. Server virtualization storage on cloud services will save you from the risks of
lost or corrupted data. Cloud services are also encrypted with high-end protocols that
protect your data from various other threats. When data security is on the line,
virtualization offers premium-level protection without many of the associated firewall
costs.
Cost-effective strategies
Virtualization is a great way to reduce operational costs. With all the data stored on
virtual servers or clouds, there’s hardly a need for physical systems or hardware,
saving businesses a significant amount in waste, electricity and maintenance fees. In
fact, 70% of senior executives support the integration of virtualization at some level
across their organization, specifically for its time-saving properties. Virtualization also
saves companies a significant amount of server space, which can then be utilized to
further improve daily operations.
Smoother IT operations
Virtual networks help IT professionals improve efficiency in the workplace. These
networks are easy to operate and faster to process, eliminating downtime and helping
you save progress in real time. Before virtual networks were introduced in the digital
world, technical workers could take days, sometimes weeks, to create and sufficiently
support the same data across physical servers.
Apart from the operations, virtualization also helps IT support teams solve critical,
sometimes nuanced technical problems in cloud computing environments. Because
data is always available on a virtual server, technicians don’t have to waste time
recovering files from crashed or corrupted devices.
Memory Virtualization, Storage Virtualization, Data Virtualization
10 Dec 2019
Memory Virtualization
Physical memory across different servers is aggregated into a single virtualized
memory pool. It provides the benefit of an enlarged contiguous working
memory. You may already be familiar with this, as some operating systems, such as Microsoft
Windows, allow a portion of your storage disk to serve as an extension of your
RAM.
Subtypes:
• Application-level control: Applications access the memory pool
directly
• Operating system level control: Access to the memory pool is
provided through an operating system
Storage Virtualization
Multiple physical storage devices are grouped together and then appear as a
single storage device. This provides various advantages, such as homogenization
of storage across devices of differing capacities and speeds, reduced
downtime, load balancing and better optimization of performance and speed.
Partitioning your hard drive into multiple partitions is an example of this
virtualization.
Subtypes:
• Block Virtualization: Multiple storage devices are consolidated
into one
• File Virtualization: Storage system grants access to files that are
stored over multiple hosts
Data Virtualization
It lets you easily manipulate data, as the data is presented as an abstract layer
completely independent of data structure and database systems. It also decreases data
input and formatting errors.
Hypervisor Management Software
23 Jan 2022
A hypervisor, also known as a virtual machine manager/monitor (VMM), is computer
hardware platform virtualization software that allows several operating systems to
share a single hardware host.
Each operating system appears to have the host’s processor, memory, and resources
to itself. In reality, the hypervisor controls the host processor and resources,
distributing what is needed to each operating system in turn and ensuring that the
guest operating systems/virtual machines are unable to disrupt each other.
The term ‘hypervisor’ originated in IBM’s CP-370 reimplementation of CP-67 for the
System/370, released in 1972 as VM/370.
The term ‘hypervisor call’ refers to the paravirtualization interface, by which a guest
operating system accesses services directly from the higher-level control program.
This is the same concept as making a supervisor call to the same-level operating
system.
Types of Hypervisor:
TYPE-1 Hypervisor:
The hypervisor runs directly on the underlying host system. It is also known as “Native
Hypervisor” or “Bare metal hypervisor”. It does not require any base server operating
system. It has direct access to hardware resources. Examples of Type 1 hypervisors
include VMware ESXi, Citrix XenServer and Microsoft Hyper-V hypervisor.
Advantages:
Hypervisors of this kind are very efficient because they have direct access to the
physical hardware resources (such as CPU, memory, network and physical storage). This
also strengthens security, because there is no third-party resource in between
for an attacker to compromise.
Disadvantages
One problem with Type-1 hypervisors is that they usually need a dedicated separate
machine to perform their operations, instruct the different VMs and control the host
hardware resources.
TYPE-2 Hypervisor:
A host operating system runs on the underlying host system. It is also known as a
“Hosted Hypervisor”. Hypervisors of this kind do not run directly on the underlying
hardware; rather, they run as an application in a host system (physical machine).
Basically, they are software installed on an operating system. The hypervisor asks the operating
system to make hardware calls. Examples of Type 2 hypervisors include VMware
Player and Parallels Desktop. Hosted hypervisors are often found on endpoints like
PCs. Type-2 hypervisors are very useful for engineers and security analysts (for
checking malware, malicious source code and newly developed applications).
Advantages
Hypervisors of this kind allow quick and easy access to a guest operating system
while the host machine keeps running. These hypervisors usually come with additional
useful features for the guest machine. Such tools improve the coordination between the
host machine and the guest machine.
Disadvantages
Here there is no direct access to the physical hardware resources, so these
hypervisors lag in performance compared to type-1 hypervisors. There are
also potential security risks: an attacker who exploits a security
weakness to gain access to the host operating system can also access the
guest operating system.
Virtual Machine Security, IAM
22 Jul 2024
Virtual Machine Security
Virtualized security, or security virtualization, refers to security solutions that are
software-based and designed to work within a virtualized IT environment. This differs
from traditional, hardware-based network security, which is static and runs on devices
such as traditional firewalls, routers, and switches.
In contrast to hardware-based security, virtualized security is flexible and dynamic.
Instead of being tied to a device, it can be deployed anywhere in the network and is
often cloud-based. This is key for virtualized networks, in which operators spin up
workloads and applications dynamically; virtualized security allows security services
and functions to move around with those dynamically created workloads.
Cloud security considerations (such as isolating multitenant environments in public
cloud environments) are also important to virtualized security. The flexibility of
virtualized security is helpful for securing hybrid and multi-cloud environments, where
data and workloads migrate around a complicated ecosystem involving multiple
vendors.
Benefits:
Flexibility: Virtualized security functions can follow workloads anywhere, which is
crucial in a virtualized environment. It provides protection across multiple data centers
and in multi-cloud and hybrid cloud environments, allowing an organization to take
advantage of the full benefits of virtualization while also keeping data secure.
Cost-effectiveness: Virtualized security allows an enterprise to maintain a secure
network without a large increase in spending on expensive proprietary hardware.
Pricing for cloud-based virtualized security services is often determined by usage,
which can mean additional savings for organizations that use resources efficiently.
Operational efficiency: Quicker and easier to deploy than hardware-based security,
virtualized security doesn’t require IT teams to set up and configure multiple hardware
appliances. Instead, they can set up security systems through centralized software,
enabling rapid scaling. Using software to run security technology also allows security
tasks to be automated, freeing up additional time for IT teams.
Regulatory compliance: Traditional hardware-based security is static and unable to
keep up with the demands of a virtualized network, making virtualized security a
necessity for organizations that need to maintain regulatory compliance.
IAM
Identity and access management (IAM or IdAM for short) is a way to tell who a user is
and what they are allowed to do. IAM is like the bouncer at the door of a nightclub with
a list of who is allowed in, who isn’t allowed in, and who is able to access the VIP area.
IAM is also called identity management (IdM).
“Access” refers to what data a user can see and what actions they can perform once
they log in. Once John logs into his email, he can see all the emails he has sent and
received. However, he should not be able to see the emails sent and received by
Tracy, his coworker.
In other words, just because a user’s identity is verified, that doesn’t mean they should
be able to access whatever they want within a system or a network. For instance, a
low-level employee within a company should be able to access their corporate email
account, but they should not be able to access payroll records or confidential HR
information.
Access management is the process of controlling and tracking access. Each user
within a system will have different privileges within that system based on their
individual needs. An accountant does indeed need to access and edit payroll records,
so once they verify their identity, they should be able to view and update those records
as well as access their email account.
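The distinction above between a verified identity and what that identity may access, as an added example that is not from the original text: a deny-by-default check combining role permissions with resource ownership, plus an access log for the tracking side. The role names, the permission map and the user name "alice" are constructed for illustration; John and Tracy follow the scenario in the text.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed role-to-permission map; anything not listed is denied.
ROLE_PERMISSIONS = {
    "employee": {("email", "read")},
    "accountant": {("email", "read"), ("payroll", "read"), ("payroll", "write")},
}


@dataclass(frozen=True)
class User:
    name: str
    role: str
    authenticated: bool = False  # set by the login step, not by this check


@dataclass(frozen=True)
class Resource:
    kind: str                    # "email", "payroll", "hr"
    owner: Optional[str] = None  # per-user resources (mailboxes) have an owner


def is_allowed(user, resource, action):
    """Return (decision, reason). Identity is verified first, then access."""
    if not user.authenticated:
        return False, "not authenticated"
    if (resource.kind, action) not in ROLE_PERMISSIONS.get(user.role, set()):
        return False, "role lacks permission"
    if resource.owner is not None and resource.owner != user.name:
        return False, "not the owner"
    return True, "ok"


def audit(requests):
    """Evaluate each request and return a log of every decision made."""
    return [(u.name, r.kind, r.owner, a) + is_allowed(u, r, a)
            for u, r, a in requests]


john = User("john", "employee", authenticated=True)
alice = User("alice", "accountant", authenticated=True)  # hypothetical user
johns_mail = Resource("email", owner="john")
tracys_mail = Resource("email", owner="tracy")
payroll = Resource("payroll")
hr_files = Resource("hr")

if __name__ == "__main__":
    for entry in audit([(john, johns_mail, "read"), (john, tracys_mail, "read"),
                        (john, payroll, "read"), (alice, payroll, "write"),
                        (alice, hr_files, "read")]):
        print(entry)
```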
In cloud computing, data is stored remotely and accessed over the Internet. Because
users can connect to the Internet from almost any location and any device, most cloud
services are device- and location-agnostic. Users no longer need to be in the office or
on a company-owned device to access the cloud. And in fact, remote workforces are
becoming more common.
As a result, identity becomes the most important point of controlling access, not the
network perimeter. The user’s identity, not their device or location, determines what
cloud data they can access and whether they can have any access at all.
To understand why identity is so important, here’s an illustration. Suppose a
cybercriminal wants to access sensitive files in a company’s corporate data center. In
the days before cloud computing was widely adopted, the cybercriminal would have
to get past the corporate firewall protecting the internal network or physically access
the server by breaking into the building or bribing an internal employee. The criminal’s
main goal would be to get past the network perimeter.
However, with cloud computing, sensitive files are stored in a remote cloud server.
Because employees of the company need to access the files, they do so by logging in
via browser or an app. If a cybercriminal wants to access the files, now all they need
is employee login credentials (like a username and password) and an Internet
connection; the criminal doesn’t need to get past a network perimeter.
IAM helps prevent identity-based attacks and data breaches that come from privilege
escalations (when an unauthorized user has too much access). Thus, IAM systems
are essential for cloud computing, and for managing remote teams.