Discuss the benefits of virtualization software. Do you agree/disagree with these benefits? Also discuss the security concerns highlighted by server sprawl and how you would propose to solve those in your (real or hypothetical) organization.
Read the following learning materials.
Khelf, & Ghoualmi-Zine, N. (2018). IPsec/Firewall Security Policy Analysis: A Survey. 2018 International Conference on Signal, Image, Vision and Their Applications (SIVA), 1–7.
Cloud Computing and Virtualization
Pay-per-use computing model
Customers pay for only the resources they need
May revolutionize computing
Unlike hosted services, does not require long-term contracts
Three service models of cloud computing
Cloud software as a service (SaaS)
Cloud platform as a service (PaaS)
Cloud infrastructure as a service (IaaS)
Cloud Computing Options
Data—managed by the company or offsite by a third party.
Cloud infrastructure is shared by several organizations
Supports the shared concerns of a specific community.
Data is stored outside of the corporate data centers
In the cloud provider’s environment
Combination of two or more other clouds.
Public Clouds – Versions
Infrastructure as a Service (IaaS).
Infrastructure through grids or clusters of virtualized servers, networks, storage, and systems software.
Designed to augment or replace the functions of an entire data center.
The customer may have full control of the actual server configuration.
More risk management control over the data and environment.
Platform as a Service (PaaS).
Clients can run existing applications or develop new ones
Provider manages the hardware, operating system, and capacity
Limits the enterprise risk management capabilities.
Public Clouds – Versions
Software as a Service (SaaS) or Application Service Provider (ASP).
Software application functionality through a web browser.
The platform and infrastructure are fully managed by the cloud provider.
If the operating system or underlying service isn’t configured correctly, the data at the higher application layer may be at risk.
The most widely known and used form of cloud computing.
Some managers shy away from cloud computing because they are concerned about:
security—specifically about external threats from remote hackers and security breaches as the data travels to and from the cloud.
To manage risk, an SLA needs to spell out these requirements.
Cloud computing security challenges
Cloud provider must guarantee means to approve authorized users and deny imposters
Transmissions from the cloud must be protected
Customers’ data must be isolated from one another
Type II Virtualization
Requires a “host” operating system
Using the Type II Hypervisor, you create a virtual hardware environment for each VM
Install a “guest” operating system on each VM, just like installing a new computer
The host operating system shares access to the computer’s processor with the hypervisor
Does not provide the same performance as separate physical computers
Good testing or lab environment
A hybrid VMM sharing hardware access with a host operating system
Type I Virtualization
Hypervisor is an abstraction layer that interacts directly with the computer’s physical hardware
No host operating system required
Individual environments, called partitions have their own operating systems installed and accesses hardware through the hypervisor
No host operating system is sharing processor
Parent partition runs the virtualization stack which creates and manages the child partitions