3.5 Hypervisors: TYPE I and TYPE II

9 hours 48 minutes
Video Transcription
All right. Now, our next topic: we've gotta talk about hypervisors because, as we know, virtualization is what has allowed cloud computing to be profitable, right? Prior to virtualization, the cloud, you know, you might still access software as a service, but this idea of infrastructure as a service, it just wasn't possible because we didn't have that way of taking physical servers and giving them up across multiple tenants. But now we do because of virtualization.
So if you're looking at an environment with infrastructure as a service, what you're essentially doing is this: you're getting a hard drive. You're getting a virtual hard drive from the cloud service provider and how you build out from that. If you're gonna spin up 100 more hard drives, 100 more virtual systems, that's your capability, right? But only because of virtualization. So the heart and soul of virtualization is the hypervisor, and there are two types of hypervisors. We've mentioned these before. I will mention type two. But I will stress to you, no cloud service provider's using a type two hypervisor.
So the type one hypervisor is what sits directly between the hardware and the operating system. So none of the commands are going through the OS. You've got hypervisor on top directly with the hardware.
So any time you have direct connectivity, there's no room to get in there between, um, whereas a type two hypervisor is installed on the operating system, so hypervisor, the operating system, then the hardware. So this space in the middle gives a lot of room for problems, right? I'm sure you guys have seen, uh, VMware, Virtual PC installed on a Windows system.
Well, heart and soul, that's still a Windows system. So all the vulnerabilities that come with Windows or any other operating system exist, and they exist there between your VM and your hypervisor and the hardware. That's a big security vulnerability, right? But with the type one hypervisor, that direct connection helps me. It's more secure.
That's a better thing. You get better performance. Easier to monitor it. That's the way we want to go. So, you know, ESX, if you've heard of Xen or Hyper-V. Um, you know, VMware ESX is, it's my preference, for instance, but everybody's got their own preferences, so it's faster,
better connection directly through. I will tell you the hypervisor is always gonna be the cloud service provider's responsibility, right? Responsibility to provide, responsibility to secure all the way up through the hypervisor, regardless of what type of service, that's the CSP.
It doesn't mean that we're not concerned.
Hypervisors can be corrupted. Hypervisors have to be patched and upgraded, just like everything else. And then there are also specific types of malicious activity that target hypervisors. So all of those are concerns of ours, even though that's done at the cloud service provider, so they need to be up there.
We need to make sure if the hypervisor's under our management. So now the assumption is maybe we're the cloud service provider, and they may jump back and forth between that on the exam. If they don't tell you specifically, assume you're the customer.
But be open to the fact that they may say you're working in a cloud service provider. What's your responsibility as far as hypervisor security? So just like anything else has to be up, restrict administrative access to the hypervisor. Of course, that's the element that provides and that controls and that secures or creates the separation between virtual machines.
Make sure that if we're allowing management channels to the, you know, for remote administration, perhaps, make sure that that's secure. Make sure that we have timing in sync. Timing is everything on the network from a forensic standpoint, from certain network services. So we make sure that we say generally we like to sync to a trusted time server out on the Internet, making sure that there are no additional interfaces, no additional protocol services on the system that provides the hypervisor services, just the standard steps.
Other things with the hypervisor: there's a clipboard function or VM tools where you can copy and paste, or you can bridge the gap from the external network to the internal network. We don't want any of that, right? So copying and pasting means you're gonna allow something outside of the virtual systems to come inside.
Same idea with network communications when we bridge that gap. What we're saying is what's happening out on the external network, perhaps the Internet, can impact the individual virtual machines. Never a good idea. And of course, we've gotta monitor. There are tools, special tools for monitor, but monitoring the hypervisor itself, cloud service provider's responsibility. We have to make sure that it happens.
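
The clipboard and bridged-network points from the transcript, written as a configuration check. This is an added example, not part of the course material: it assumes VMware-style `.vmx` files, uses VMware's `isolation.tools.copy.disable`, `isolation.tools.paste.disable` and `ethernetN.connectionType` keys, and runs over a constructed sample file. Treating an unset key as a finding is a policy assumption of this example, since product defaults differ.

```python
import re

# Keys that this example's policy requires to be explicitly TRUE (assumption).
REQUIRED_TRUE = ("isolation.tools.copy.disable", "isolation.tools.paste.disable")

# Constructed sample .vmx content (not taken from a real system).
SAMPLE_VMX = '''\
.encoding = "UTF-8"
displayName = "tenant-app-01"
isolation.tools.copy.disable = "TRUE"
isolation.tools.paste.disable = "FALSE"
ethernet0.present = "TRUE"
ethernet0.connectionType = "bridged"
ethernet1.present = "TRUE"
ethernet1.connectionType = "hostonly"
'''

# key = "value" lines; lines starting with '#' are treated as comments.
LINE_RE = re.compile(r'^\s*([^#=\s][^=]*?)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return {lowercased key: value}; the last occurrence of a key wins."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def audit_vmx(text):
    """Return sorted findings for clipboard sharing and bridged adapters."""
    cfg = parse_vmx(text)
    findings = []
    for key in REQUIRED_TRUE:
        value = cfg.get(key)
        if value is None:
            findings.append(f"{key}: not set (policy requires explicit TRUE)")
        elif value.upper() != "TRUE":
            findings.append(f"{key}: set to {value}, clipboard path open")
    for key, value in cfg.items():
        m = re.fullmatch(r"(ethernet\d+)\.connectiontype", key)
        if m and value.lower() == "bridged":
            # Only adapters that are actually present count as exposure.
            if cfg.get(f"{m.group(1)}.present", "").upper() == "TRUE":
                findings.append(f"{m.group(1)}: bridged to the external network")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_vmx(SAMPLE_VMX):
        print(finding)
```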
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.
