Purpose of virtual machines
Virtualization allows you to have one physical computer but run many different operating systems on it. For example, you can run Mac OS X, Windows 10, and Linux Ubuntu all at the same time.
Each virtualized operating system requires its own CPU, memory, network, etc., but you’re still just using one physical computer.
With host-based virtualization you’re running one main operating system as your normal desktop and then running other operating systems on top of that desktop.
In enterprise situations, it’s common to have one single large standalone server that hosts many virtual machines inside of it.
Look for CPUs that support virtualization. For Intel, this would be those labeled with Virtualization Technology (VT). For AMD, this is labeled as AMD-V.
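On a Linux host, Intel VT shows up as the `vmx` CPU flag and AMD-V as the `svm` flag in `/proc/cpuinfo`. The following check is an added example, not part of the original notes; the sample cpuinfo text is constructed, and the function and variable names are hypothetical.

```python
# Added example (not from the original notes). Sample cpuinfo text is constructed.
INTEL_HOST = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse msr pae sse2 vmx ssse3\n"
    "\n"
    "processor\t: 1\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse msr pae sse2 vmx ssse3\n"
)
AMD_HOST = "processor\t: 0\nflags\t\t: fpu vme de pse msr svm svm_lock\n"
NO_SUPPORT = "processor\t: 0\nflags\t\t: fpu vme de pse msr pae sse2\n"

# Linux CPU flag -> vendor name for the feature, as used in the notes above.
FLAG_TO_TECH = {"vmx": "Intel VT", "svm": "AMD-V"}


def virtualization_support(cpuinfo_text):
    """Summarise hardware virtualization support from /proc/cpuinfo-style text."""
    total = 0
    supported = 0
    techs = set()
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        # Only lines whose key is exactly "flags" describe a logical CPU's flags.
        if not sep or key.strip() != "flags":
            continue
        total += 1
        # Compare whole tokens so that "svm_lock" is not mistaken for "svm".
        found = {FLAG_TO_TECH[f] for f in value.split() if f in FLAG_TO_TECH}
        if found:
            supported += 1
            techs |= found
    return {"cpus": total, "cpus_with_support": supported,
            "technology": sorted(techs)}


def read_local_cpuinfo(path="/proc/cpuinfo"):
    """Read the real file on a Linux host (not used by the samples above)."""
    with open(path, encoding="ascii", errors="replace") as fh:
        return fh.read()


if __name__ == "__main__":
    for name, text in [("intel", INTEL_HOST), ("amd", AMD_HOST), ("none", NO_SUPPORT)]:
        print(name, virtualization_support(text))
```
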
You’ll need to have a lot of memory to support multiple operating systems running simultaneously. You’ll need to have in excess of what the host operating system requires.
Each virtualized guest operating system has its own image, so you’ll need a lot of disk space to handle all of the separate systems.
You can configure the network settings on each virtualized guest operating system. Common network configurations include configuring it as a standalone machine, performing NAT (network address translation) to your existing network, bridging it so it looks like any other system on your local network, etc.
On more advanced systems, you can even create virtual switches and have separate VLANs for the virtual machines running on your desktop.
An emulator is different from virtualization. Emulation allows you to run software that normally you might not be able to. An emulation is one device running processes designed for a different architecture. For example, running a Mac application on a Windows machine. An emulator allows one device to pretend to be a different type of device. Original code is used but you’re running software that emulates that code on a brand new system. Emulation is slower than running the application on the hardware it was designed for.
Emulators generally require more processing power and RAM than a hypervisor requires for a virtual machine. Operating systems and applications generally run slower on an emulator vs how they would run on the original hardware due to the translation and redirection of commands from within the emulator to the underlying computer.
Virtual machine escaping is a security vulnerability. This refers to when malware is loaded onto one virtual machine. The malware recognizes it is being run on a virtual machine and then takes advantage of a hypervisor vulnerability and is able to get to one of the other virtual machines managed by the hypervisor.
Many hosted services are virtual environments, which means malware on one customer’s server can leach into another customer’s data.
Hypervisor vulnerabilities are rare.
You need to think about security on each of the virtual machines themselves. Every guest operating system is a self-contained operating system, just as if it were its own real computer. That means the same patching standards and remediation for each OS still apply. Use traditional security controls such as host-based firewalls, anti-virus, anti-spyware, password protection, etc.
You need to watch out for rogue virtual machines. Attackers may try to install their own virtual machine on your system.
Self-contained virtual machines provided by third parties can be dangerous since you have no idea what’s running on there. Make sure you’re running trusted virtual machines on your system. Be careful of any virtual machines that you download and run from the Internet.
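One way to act on the two warnings above (rogue virtual machines and untrusted third-party images) is to compare what a host reports against an approved registry. This is an added example, not part of the original notes; the VM names, image contents, registry layout and inventory format are all constructed for illustration.

```python
# Added example (not from the original notes). All records below are constructed.
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed byte strings standing in for VM disk image files on the host.
IMAGES = {
    "build-agent.qcow2": b"constructed image: build agent v1",
    "db-test.qcow2": b"constructed image: db test MODIFIED",
    "unknown.ova": b"constructed image: downloaded appliance",
}

# Approved registry: VM name -> trusted image digest and permitted network modes.
APPROVED = {
    "build-agent": {"sha256": sha256_hex(b"constructed image: build agent v1"),
                    "networks": {"nat", "private"}},
    "db-test": {"sha256": sha256_hex(b"constructed image: db test v1"),
                "networks": {"private"}},
}

# Hypothetical inventory, shaped like a list exported from a VM manager.
INVENTORY = [
    {"name": "build-agent", "image": "build-agent.qcow2", "network": "nat"},
    {"name": "db-test", "image": "db-test.qcow2", "network": "bridged"},
    {"name": "helper-vm", "image": "unknown.ova", "network": "bridged"},
]


def audit(inventory, approved, images):
    """Return (vm_name, finding) pairs for anything that deviates from the registry."""
    findings = []
    for vm in inventory:
        entry = approved.get(vm["name"])
        if entry is None:
            # Nobody approved this VM: treat it as a possible rogue machine.
            findings.append((vm["name"], "unapproved VM (possible rogue)"))
            continue
        if sha256_hex(images[vm["image"]]) != entry["sha256"]:
            # The image on disk is not the one that was reviewed and trusted.
            findings.append((vm["name"], "image digest mismatch"))
        if vm["network"] not in entry["networks"]:
            findings.append((vm["name"], "network mode not permitted: " + vm["network"]))
    return findings


if __name__ == "__main__":
    for name, finding in audit(INVENTORY, APPROVED, IMAGES):
        print(name + ": " + finding)
```
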
Most client-side virtual machine managers have their own virtual (internal) networks.
One type of network configuration for the virtual machines running on your desktop is the shared network address. With this configuration, the virtual machine shares the same IP address as the physical host. It uses a private IP address internally, and NAT converts that internal address to the external address shared with the physical host.
Bridged network address is another type of configuration for virtual machines. With this configuration, each virtual machine has its own IP address on your local network. Each virtual machine can use DHCP to obtain an IP address from your DHCP server. Or you can configure manual IP addressing on each of your virtual machines.
Another type of network configuration for VMs is a private address. With this configuration, the VM is not allowed to communicate outside of the virtual network. It can only communicate with other virtual machines on the same private network.
The hypervisor is the software that manages all of the virtual systems that are running and keeps all of the different OS resources separate. It manages the virtual platform and the guest operating systems. A hypervisor may also be called the Virtual Machine Manager. A hypervisor may require a CPU that supports virtualization. Some hypervisors will allow you to run even if the CPU doesn’t support virtualization. But if your CPU supports virtualization, it’s best to integrate it with the hypervisor for better performance.
The hypervisor is in charge of everything associated with the virtual machine (CPU, networking, storage, security, etc.).