Cloud concepts: Virtual machines and hypervisors

Figure: Diagram contrasting type 1 and type 2 hypervisors.

At DestCert HQ, we’ve been hard at work on something very important: A CCSP MasterClass. We’re still a little too far out to give you exact dates, but a course that simplifies the arduous task of becoming a Certified Cloud Security Professional is well on the way.

As a little teaser, we’re going to dive into some important cloud concepts.

What are virtual machines (VMs)?

First, we’ll introduce virtual machines (VMs), which play a crucial role in cloud computing. A normal computer, like the laptop you may be reading this on, runs directly on top of the hardware. You have the physical compute, storage, and network resources, then the OS, and then your apps on top of it. The OS expects the underlying physical resources to be there in order for it to function.

A virtual machine sits at another layer of abstraction. VMs live in a slightly deluded world. The thing is, they basically think that they are the same as real, physical computers. There is a layer of virtualization, known as the hypervisor, and then on top of that sits the VM’s operating system, then the VM’s apps on top. We often refer to VMs as guests and the underlying machine as the host.

What are hypervisors?

Hypervisors are also known as virtual machine monitors (VMMs). The hypervisor acts as a virtualization layer that essentially tricks the VM’s OS into thinking that it is running directly on the hardware. Instead, the hypervisor provides the VM’s OS with virtualized versions of the physical hardware. You can use the exact same copy of Windows (or any OS) on a physical laptop or as part of a VM. In both cases, Windows expects the underlying physical hardware, but when Windows is implemented as a guest OS, the hypervisor tricks it with virtualized resources.

One of the main benefits of VMs is that they allow us to run multiple machines on the same hardware. When combined with other cloud technologies, this gives us a huge amount of flexibility and can allow us to use our resources far more efficiently.

Type 1 hypervisors vs. type 2 hypervisors

There are two types of hypervisor. The first is type 1 hypervisors, which are also known as hardware hypervisors or bare-metal hypervisors. With these, the hypervisor sits straight on top of the underlying physical hardware. The VMs then go directly on top of the hypervisor.

Type 2 hypervisors are also known as operating system hypervisors. In contrast to type 1, they have the underlying hardware, then an operating system, and then the hypervisor, with the VMs sitting on top. The addition of this operating system means that there is another layer, which takes up more resources and increases the attack surface. You can see the difference in the diagram comparing the two types of hypervisor.

If you’ve run a VM on your computer using VirtualBox or a similar program, VirtualBox is a type 2 hypervisor. As an example, you might have the physical laptop, then be running Linux on top of it as the host OS. You’ve then got VirtualBox as your hypervisor, and you might run Windows as the guest OS, with a bunch of apps on top of it.
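The virtual hardware a hypervisor presents usually identifies itself, so a guest can tell it is a guest, which is useful when checking an asset inventory. The Python below is an added example, not part of the original article; it assumes a Linux guest on x86, and the function names, the DMI lookup table and the sample inputs are constructed for illustration.

```python
from pathlib import Path

# Substrings that virtual hardware commonly reports in DMI sys_vendor /
# product_name. Constructed, non-exhaustive table for this example.
DMI_HINTS = {
    "virtualbox": "VirtualBox",
    "innotek": "VirtualBox",
    "vmware": "VMware",
    "qemu": "QEMU/KVM",
    "kvm": "QEMU/KVM",
    "xen": "Xen",
    "microsoft corporation virtual machine": "Hyper-V",
}

# Constructed sample /proc/cpuinfo excerpts (guest vs. physical machine).
GUEST_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme sse2 hypervisor lahf_lm\n"
BARE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme sse2 vmx lahf_lm\n"

def cpu_reports_hypervisor(cpuinfo_text):
    """True if a CPU 'flags' line carries 'hypervisor' (CPUID leaf 1, ECX bit 31)."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags" and "hypervisor" in value.split():
            return True
    return False

def dmi_product(sys_vendor, product_name):
    """Map the DMI strings to a hypervisor product name, or None if no hint matches."""
    haystack = f"{sys_vendor} {product_name}".lower()
    for needle, name in DMI_HINTS.items():
        if needle in haystack:
            return name
    return None

def classify(cpuinfo_text, sys_vendor="", product_name=""):
    """Combine both signals; either one is enough to call the system a guest."""
    product = dmi_product(sys_vendor, product_name)
    if cpu_reports_hypervisor(cpuinfo_text) or product:
        return ("guest", product or "unknown hypervisor")
    return ("no hypervisor advertised", None)

if __name__ == "__main__":
    def read(path):  # tolerate missing files on non-Linux systems
        return path.read_text().strip() if path.exists() else ""
    dmi = Path("/sys/class/dmi/id")
    print("this machine:", classify(read(Path("/proc/cpuinfo")),
          read(dmi / "sys_vendor"), read(dmi / "product_name")))
    print("sample guest:", classify(GUEST_CPUINFO, "innotek GmbH", "VirtualBox"))
```

Both markers are supplied by the hypervisor itself and can be configured away, so a result of "no hypervisor advertised" is not proof that the system runs on physical hardware.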

Cloud providers often use type 1 hypervisors. The lack of an OS beneath the hypervisor helps them make their service more efficient. It also limits the potential for vulnerabilities.


Cybersecurity and privacy writer.
