Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intro to Virtualization

Similar presentations

Presentation on theme: "Intro to Virtualization"— Presentation transcript:

1 Intro to Virtualization
Talk about the increasing move to the cloud Address how more organizations are increasing relliance on cloud providers in many capacities What the cloud really means? Nothing- it's the freaking internet What is the main difference? Relying on someone else is nice, less overhead, pay experts to do “their job” No need to worry about hardware failure Less control over physical access Phil Grimes Coach / Mentor Security Consultant

2 What is a Virtual Machine?
Computer within a computer It's there, but it's not Logically looks like physical machine Memory (RAM) Ethernet Connection Storage (Hard disks) Other components? The cloud is something to embrace Comes w/ risk like anything It's happening now and has no indication of slowing Financial Institutions, Health Care, Government Outsourcing and Compartmentalizing Providers take the time to implement a secure infrastructure and that client's data and applications are protected from unauthorized access Several areas of focus which help achieve this goal Clients Responsibility to ensure provider has taken proper security countermeasures to protect their data

3 Level the Playing Field
Host operating system (host OS) The operating system of the physical computer on which the virtual machine was installed. Guest operating system (guest OS) The operating system running inside the virtual machine. Snapshot A snapshot is a copy of the virtual machine’s current state. Multiple snapshots can be saved to go back to at any given time. Image The actual virtual machine Provider should be willing to show detailed information on security programs Policies Risk Management/Control

4 VM Advantages 1. Privileged user access. Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs. Get as much information as you can about the people who manage your data. "Ask providers to supply specific information on the hiring and oversight of privileged administrators, and the controls over their access," Gartner says. 2. Regulatory compliance. Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider. Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this scrutiny are "signaling that customers can only use them for the most trivial functions," according to Gartner. 3. Data location. When you use the cloud, you probably won't know exactly where your data is hosted. In fact, you might not even know what country it will be stored in. Ask providers if they will commit to storing and processing data in specific jurisdictions, and whether they will make a contractual commitment to obey local privacy requirements on behalf of their customers, Gartner advises. 4. Data segregation. Data in the cloud is typically in a shared environment alongside data from other customers. Encryption is effective but isn't a cure-all. "Find out what is done to segregate data at rest," Gartner advises. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists. "Encryption accidents can make data totally unusable, and even normal encryption can complicate availability," Gartner says. 5. Recovery. Even if you don't know where your data is, a cloud provider should tell you what will happen to your data and service in case of a disaster. "Any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure," Gartner says. Ask your provider if it has "the ability to do a complete restoration, and how long it will take." 6. Investigative support. Investigating inappropriate or illegal activity may be impossible in cloud computing, Gartner warns. "Cloud services are especially difficult to investigate, because logging and data for multiple customers may be co-located and may also be spread across an ever- changing set of hosts and data centers. If you cannot get a contractual commitment to support specific forms of investigation, along with evidence that the vendor has already successfully supported such activities, then your only safe assumption is that investigation and discovery requests will be impossible." 7. Long-term viability. Ideally, your cloud computing provider will never go broke or get acquired and swallowed up by a larger company. But you must be sure your data will remain available even after such an event. "Ask potential providers how you would get your data back and if it would be in a format that you could import into a replacement application," Gartner says.

5 Flexibility Travel back and forward in virtual machine time
Run multiple operating systems (OS) and applications on one physical machine at the same time Independent of hardware or software underneath the VM Run legacy applications without having to changes current OS settings

6 Scalability & Portability
Multiple VMs can reside on one physical machine Easily transported from one machine to another

7 Cost Less expensive than buying multiple machines (less hardware to purchase) Less power/electricity than having more physical machines Save time testing new software without it affecting your current configurations

8 VM Disadvantages

9 Requirements are a must
Purpose of the machine How many users will need to be accommodated (now and in the future) Types of demands users will be placing on the machine (now and in the future)

10 Performance, Resources, & Failure (oh my!)
Performance might be degraded if necessary hardware has not been allocated Running VMs simultaneously requires more hardware resources Single point of failure If host machine fails, all VMs residing on that machine fail

11 Tools of the Game Many tools exist to create and run virtual machines, however, CyberPatriot VI will use Vmware VMware player A free product that will allow you to run virtual images on your computer

12 How to Get VMWare To obtain a copy of the VMware player software, follow these steps: 1. Open a web browser and type into the location bar. 2. Click on the “Download” button on the VMware Player home page. 3. Scroll down and under ‘Product Downloads’ you will see “VMPlayer x.x.x”. Click on the “Download” button. This will take you to a registration page.

13 How to Get VMWare (con't)
Register for an account (if you have an existing account, please login and go to step 11) 4. You must register for a free VMware account with a valid address in order to download the VMware player software. 5. After you register for a free VMware account, check your for the registration confirmation from VMware. 6. Inside your registration confirmation from VMware there is a link to download VMware products 7. Click on the link or copy and paste the URL into a web browser.

14 How to Get VMWare (con't)
8. Enter your password for the account you created. A new account much be activated before downloading products. 9. Once you have logged in you will be taken to another web page asking you to “Access Your to Activate and Access Your Free Download.” 10. Go back to the account you used to register for your VMware account and check for a message from “The VMware Team”. Inside that message will be a link “Download VMware Player”. Click on that link to go to the VMware Player Free Product Download page.

15 How to Get VMWare (con't)
Continue following these steps 11. Under the “Binaries” section look for “VMware Player for 32-bit and 64-bit Windows” – this should be the first entry. Click on the “Start Download Manager” button to the right of the description.

16 How to Get VMWare (con't)
Continue following these steps 12. You will be prompted to save the file and your VMware Player installer should begin to download. 13. Once the installer has finished downloading, double-click it to begin the installation. 14. Follow the instruction prompts to install VMware Player and be sure to reboot your system when prompted at the end of the installation. NOTE: These instructions apply only to computers running a Windows operating system such as Vista, Windows 7, Windows XP, etc. If you are using a Linux-based system you will need a different version of the VMware software. If you are using a Macintosh you will need additional software, such as Fusion, as there is no VMware Player software available for Macintosh systems. These instructions also assume there are no VMware products already installed on the system you are using.

17 VMWare Image When you create or download a VMware image you may notice there are several files associated with that image. DO NOT make any changes to these files unless specifically instructed to do so. Modifying these files can severely impact the performance of your virtual image and may render it inoperable. Some of the file types you will see associated with a VMware image are *.vmdk: Simulated hard drive for your virtual system. There may be one or more of these files associated with your virtual image as VMware allows you to split a single virtual disk into multiple 2GB files. *.vmx: These files contain details such as the type of hardware to simulate for the virtual system, the amount of memory to allow the virtual machine to use, and so on. *.nvram: This file stores the state of the virtual machine's BIOS.

18 VMWare Image (con't) CyberPatriot training and competitions require downloading of VMware images. It is extremely important that you verify you have a “clean” download. You may do this by matching the checksum of the file you downloaded with the checksum displayed on the web page where you downloaded the CyberPatriot image. A checksum is a mathematical calculation based on the data contained in a file – matching checksums allows you to determine if a file has been corrupted or modified from its original state. If the checksum of the file you downloaded does not match the checksum displayed on the web page where you downloaded the file you must download the image again. VMware also hosts a Virtual Appliance Marketplace at Over 1,000 pre-built VMware images containing everything from different operating systems to demonstrations of security and network management products are available to download. CyberPatriot is in no way affiliated with the Virtual Application Marketplace or any of the content made available through the marketplace. Users download and use the virtual appliances at their own risk.

19 Using VMWare Player

20 Open VMWare Image To launch VMware Player and browse for a virtual image, follow these steps: Start the Player Start- >VMware->VMware Player from your Windows Start menu The dialog box will appear. Click on “Open a Virtual Machine”.

21 Open VMWare Image (con't)
This will take you back to the main VMware Player screen. Select the image name on the left, then click ‘Play virtual machine’

22 Open VMWare Image (con't)
Browse to the directory where you’ve downloaded or unzipped a virtual image. Click to select the .vmx file associated with the virtual image you wish to start and click the “Open” button

23 Open VMWare Image (con't)
If this is the first time you’ve started the VMware image a dialog box (see below) will Appear. Select ‘I copied it’, then Click ‘OK’ to continue.

24 Open VMWare Image (con't)
The next screen you may see will a list removable devices that can be associated with and accessed by the virtual image. Click “OK” to continue.

25 Open VMWare Image (con't)
When the virtual image has finished booting, you will see a login screen or welcome screen just as you would on a physical computer loaded with the same operating system that is running inside your virtual image. For example, a virtual image running Windows XP.

26 Homework Download VMware images from the CyberPatriot website
Windows XP workstation Windows 2003 server Stop doing stupid awareness, only teach awareness for laptop prevention. Teach them to be netcops instead. Read the posts on SoS for more reference.

27 Independent Study Suggested components to research
Windows Registry XP based Windows Recovery Console XP based System Restore Vista and 7 based Restore Guide Windows XP workstation Windows 2003 serverbased Restore Guide SVCHOST.EXE Hiding files Windows Forensics XP Firewall Vista/7 God Mode Safe Mode Automatic Updates Program Startup Locations Sysinternals Stop doing stupid awareness, only teach awareness for laptop prevention. Teach them to be netcops instead. Read the posts on SoS for more reference.

28 Q & A // Discussions

Download ppt "Intro to Virtualization"

Similar presentations

Ads by Google