Virtualization technology has rapidly spread to become a core feature of enterprise environments, and is also deeply integrated into many server, client, and mobile platforms. It is also widely used in IT development, research, and testing environments. Virtualization is also a key technology in cyber security. As such a deep technical understanding of the capabilities and limitations of modern approaches to virtualization is critical to cyber operations.
Specific topics to be covered in this knowledge unit include, but are not limited to:
- Type I and Type II architectures.
- Virtualization Principles including efficiency, resource control and equivalence
- Virtualization techniques for code execution, including trap and emulate, binary translation, paravirtualization, and hardware-supported virtualization (e.g., Intel VMX).
- Management of memory in virtualized systems, including hardware supported memory management (e.g. EPT/SLAT), memory deduplication, and isolation of VM hypervisor and memory spaces
- Techniques for allocating storage (e.g., hard drives) to Virtual Machines, and the associated capabilities (e.g., snapshots).
- Techniques for associating hardware (virtual or physical) with virtual machines, including hardware-supported methods (e.g., SR-IOV) and device emulation.
- Techniques for providing advanced virtualization capabilities, such as live-migration and live-failover.
- Internal and External Interfaces provided by virtualized platforms for management, monitoring, and internal communication/synchronization.
- Snapshots, migration, failover
Note: Education focused on simply using VMs or virtualization platforms/tools (such as vSphere, HyperV, or VirtualBox) for efficiency purposes (e.g. server consolidation) is not sufficient to address this KU.
Outcome: Students will understand and be able to describe the technical mechanisms by which virtualization is implemented in a variety of environments, and their implications for cyber operations.
Outcome: Students will be able to enumerate and describe the various interfaces between the hypervisors, VMs, physical and virtual hardware, management tools, networking, storage, and external environments.