Virtual Machines - Many of you have probably heard of them, and/or even used them . But for those of you who have not, here is a brief description.
Virtual Machines, or OS Virtualization, allows heterogeneous operating systems to run simultaneously on the same physical hardware. In a very basic form, imagine running Windows XP, Windows 2003 Enterprise Server, and Linux on the same computer at the same time. Each virtualized operating system, or environment, has access to disk drives, memory, video, input devices, and communications devices, all at the same time, on the same system.
Before we conclude this article on how virtualization is used to rapidly and securely deploy security toolsets, we will provide you with links to Virtual Machine software you can work with on a trial bases (or purchase) and at least one that is free of cost.
How We Use Virtual Machines For Various Testing
------------
Although the majority of the work we do is security
assessment, we routinely deploy security measures such as
perimeter defense, or enterprise firewall solutions. Many
times, we are replacing an existing defense system and need
to make sure that when we cut-over to the new system,
everything will function properly. For instance, when
deploying a firewall, or firewall clusters, we can simulate
the cluster design by installed the software into virtual
machines, on one physical system, and test the internal
firewall to firewall communications. Also, prior to
deploying the firewalls, we can create a virtual machine to
represent each network protected by the firewalls and test
connectivity / communication on each network e.g. Internet,
private network, DMZ's, and other protected nets, all with
just one system (usually a beefy laptop with a good bit of
memory). This method of testing prior to cutting over has
proven invaluable and mitigates the risk of serious problems
that might present themselves.
How We Use Virtual Machines In Security Assessments
------------
Each time we perform a security assessment for a customer,
we utilize specialized and proprietary software / tools.
However, once the assessment is completed, and we move on to
the next test or new customer, we need to start with a clean
platform. We never use the same OS install or instance of
tools for different testing phases or different customers.
Using Virtualization, we have pre-created many operating environments such as Windows, Linux, BSD, and Solaris to name a few, with clean installs and hardened operating systems. These pre-created, secure environments also contain all the necessary tools for the type of customer environment and security assessment we will be working on. By using Virtual Machines, we can deploy our testing platforms within minutes, not hours, and feel confident they are secure and ready to function. In fact, we can carry many of these ready-to-go operating environments with us when we travel using high capacity external disk systems. Typically the size of a regular paperback book.
How Else Can Virtual Machines Be Used
------------
The application, use, and benefit of Virtualization is quite
broad. For people at home, or technical people who wish to
learn new operating environments, Virtual Machines can be a
great tool for learning. Instead of purchasing multiple
physical machines to install the operating system and
applications you wish to become educated on, you can
purchase one performance based system, even a laptop, and
use virtualization to run them all at once. They can even be
configured quite easily to communicate with each other.
Another "big" benefit in using Virtual Machines, is they can be configured to more effectively and efficiently utilize your hardware investment. For instance, instead of purchasing two mid-range systems to run two different applications, you could purchase one an use virtualization to run them side-by-side. In many cases, when using dedicated systems for just one or two applications, the hardware is underutilized. Would it be a wise investment if the server you purchased is only being used at say, "25" percent of its capacity / capability? Virtualization can help you maximize the investment you make in performance based systems, and has the added benefit of server consolidation.
Conclusion
------------
Even if you are just curious about Virtual Machine
technology, it can b a great way to learn many aspects of
computing and network essentials. There are several major
players within the Virtualization industry, such as VMware.
VMware provides commercial Virtualization products, even for
workstation or desktop environments. You can also visit
Xensource, a great open-source (at no cost) Virtual Machine
solution. They have a demo you can download, burn to CD, and
boot from, or you can download the entire product and
install it on a dedicated system.
Regardless of the reason you have for looking into Virtualization, I can tell you that this technology as going to be a big player in the near future. In fact, processor manufacturers are even taking steps to create processors that are Virtual Machine aware.
You may reprint or publish this article free of charge as long as the bylines are included.
Original URL (The Web version of the article)
------------
Virtual Machines
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@ParaLogic.Net. If you would like to know more about computer security and auto-dialer virus please visit us at http://www.defendingthenet.com.