VMTN Blog

Pascal Meunier is covering his VMworld experience, mostly about security topics.

ReAssure (CERIAS), VIX and Lab Manager (VMware)

The VIX API on Tuesday morning was a very interesting session. It will enable the remaining automation functionality of ReAssure. It allows to automate the powering on and off of virtual machines, the taking of snapshots, transfering files (e.g., results) between the host and guest OS, and even starting programs in the guest OS! It was introduced with VMWare server 1.0 last summer, but I hadn’t noticed. It is still work in progress though; there’s support only for C, Perl and COM (no Python, although I was told that there was a source forge project for that).

Teaching (security) using virtual labs

There are of course other teaching labs using virtualization that have been developed at other universities and colleges; the challenge is of course to be able to design courses and exercises that are portable and reusable. We can all gain by sharing these, but for that we need a common infrastructure where all these exercises would be valid.

How virtualization changes the security equation

As a member of the panel argued, virtualization doesn’t make things better or worse, it still all depends on the practices, processes, procedures, and policies used in managing the data center and the various data security and recovery plans. Another pointed out that people shouldn’t assume that virtual appliances or virtualization provide security out-of-the-box. Out of all malicious software, currently 4-5% check if they are running inside a virtual machine; this may become more common.