Presentation on theme: "5205 – IT Service Delivery and Support"— Presentation transcript:
1 5205 – IT Service Delivery and Support Virtual Machine5205 – IT Service Delivery and SupportDarshana ShardhaLeo SerranoKalyani Prabhakar
2 What is virtualization Virtualization is a software technologyDivides a physical resource into multiple virtual resourcesConsolidates physical resourcesSeparates Operating systems from hardwareEnables multiple operating systems and applications to share the resources of a single physical machineCreates a virtual environment where a physical resource is divided into multiple resourcesPartitions one physical server into multiple virtual servers or machinesOS is not connected to the hardware it is installed on … the software creates a layer on top of the hardware upon which one can install instances of OSs.In the past, when OS was installed in a computer,it got connected to the hardwareDevice drivers got linked to the hardwaremigration was a tedious, long processVirtualization has made the deployment of VMs a simple processMoving a VM around is just like moving a document, a picture fileConsolidates physical resources by making it possible to have one high-power server running different operating systemsEach VM interact independently with other devices, applications, data and users as though it were a separate physical resourceDifferent VMs can run on different operating systems and multiple applications while sharing the resources of a single physical computerEach VM is isolated from each other, if one crashes, it does not affect the others
3 Types of Virtualization Server VirtualizationOne physical server is partitioned into smaller virtual serversResources of physical server are hidden from usersStorage VirtualizationPhysical storage from multiple network storage devices are virtualizedNetwork VirtualizationAvailable resources in a network are combined by splitting the available bandwidth into independent channelsEach channel can be assigned or reassigned to a device in real time
4 History In 1970s, IBM introduced virtualization technology Used the technology to partition mainframe systems into logical, separate virtual machines that could run multiple applications and processes at the same timeExamples of the current virtualization solutions: VMWare, Citrix, Microsoft, IBM, RedHat
5 HypervisorLayer of abstraction between the hardware and guest operating systemsCalled Virtual Machine ManagerA resource manager that monitors and manages sharing of processing power and memory
6 Type II–Hosted Hypervisor Types of HypervisorType I – Bare MetalType II–Hosted HypervisorOS1OS2OS3OS4OS1OS2OS3OS4HypervisorHypervisorHost HardwareOperating SystemHost HardwareHypervisor installed directly onto the hardwareHost OS is installed onto the physical hardwareInstances of OS installed onto the hypervisorHypervisor is the second layer installed onto the host OSNeeds a management consoleHost OS provides the management functions
7 Benefits Reduced cost (efficiency)and maintenance is easier increase efficiency and decreased cost in IT operationServer hardware costs decrease for both server builds and server maintenancePhysical footprint of servers may decreaseLess heat buildupOperating costs reducedOSs can share processing capacity and storage spaceFaster redeployment and easier backup strategyBetter testingA single host can have multiple versions of the same OS, or even difference OSs, to facilitate testingEase of migration and ease of growthManagement tasks, such as securing and updating desktops is centralized through virtualization management functions.darshana
8 Limitations Host represents a potential single point of failure impact larger in both scope and sizeData leakageData could leak if memory is not released and allocated in controlled mannerInadequate configuration or exploits of vulnerabilities could have a very big impactHigh risk in physical faultrequires high availability/redundancyPerformance concernsApplication compatibilityApplications that require a lot of memory, processing power or input/output are not suitable for virtual implementationBandwidth consumption is much higher due to high VM density on a single physical server.darshana
9 Security RisksSince the virtualization host is an OS in itself, the performance risks associated with any OS apply to virtualized hosts servicing other guest servers.The host providing a receptacle for multiple guest servers represents a single point of failure for the guest OSs residing on that host.Hosts usually have the capability to reallocate memory among guests. Assurance is needed that the memory released by the first guest using that storage is not disclosing content to the receiving guest servers using those addresses.darshana1. Patching, antivirus, limited services, logging, appropriate permissions and other configuration settings that represent a secure configuration for any server gain importance on a host carrying multiple guest servers.Access Control is more crucial because of the single point of failure.2. Should the host become compromised, the resources needed by the guests can become unavailable. Physical and logical access controls over hosts, including local and remote, are paramount.
10 ...Security Risks (cont) Architectural vulnerability The layer of abstraction between the physical hardware and the virtualised systems running the IT services is a potential target of attack.Software vulnerabilityThe most important software in a virtual IT system is the hypervisor. Any security vulnerability in the hypervisor software will put VMs at risk of failure.Configuration risksDue to the ease of cloning and copying images, a new infrastructure can be deployed very easily in a virtual environment. This introduces configuration drift; as a result, controlling and accounting for the rapidly deployed environments becomes a critical task.
11 How to address the risks Strong physical and logical access controlsSound configuration management practices and system hardeningAppropriate network segregationStrong change management practices
12 IT Audit of Virtual Environment Auditing a VM server is similar to auditing a physical server. The same principles, best practices, and basic audit approaches can be usedThings to keep in mind: Some VM tools are proprietary and unique to VMs, VM creation takes minutes or even seconds,
13 IT Audit of Virtual Environment The IT auditor should gain an adequate understanding of the infrastructure and how controls are embedded, or overlaid upon, the partitions and server.Evaluate the completeness of the VM documentation: Change controls, and logs.Ensure that you know how to determine completeness of log data in regards to VMs.Are the partitions different operating systems?Are the partitions on a single server or across servers?What partitions exist for which environments on which boxes (i.e., a network map)?Are there controls over each partition similar to those expected for a server?Are there controls for specific users that limit access and read/write capabilities?Does a standard naming convention exist, and, if so, what is it—for server, partition, library/folder names? These, of course, help IT auditors perform their duties.What controls are in place for deploying multiple copies of software (maybe thousands!)The understanding of the VM environment and subsequent evaluation and testing of controls will likely focus on the network map. The IT auditor should determine where in the VM world the following types of systems are located, if they exist:Systems developmentSystems testing (staging or sandbox environment)Production systems (the larger the company, the more of these will exist)Regional business unit servers (if applicable)
14 IT Audit of Virtual Environment The auditor should be familiar with the best practices as a benchmark for effective control.They should use these best practices as a baseline and ensure settings have not been altered since the VM’s creation.Communication methods between servers and servers and servers and outside devices should be carefully configured. Check for the use of virtual firewalls and virtualized intrusion detection.Verify the security and location of the management console.
15 Future of VMs Network as a Service (Naas) Replacement of Desktops with thin clients running on centralized servers.Enhanced VM mobility and live migrationPrivate cloud computingSoftware defined everythingLEO
16 Conclusion What this means to you? Risk Example The bottom line is that VM technology will be a staple of IT in business for years to come and the IT auditor needs to be able to evaluate the process of creating, deploying, managing and making changes to virtual machines.