Please Submit your Portfolio Project Outline and References An APA formatted document that contains: 1. A 2-3 page outline addressing all required topics with subtopics.There must be a paragraph descr

School of Computer & Information Sciences
ITS-532 Cloud Computing
Chapter 8 – Virtualization

Learning Objectives
• Define and describe virtualization.
• Discuss the history of virtualization.
• Describe various types of virtualization.
• List the pros and cons of virtualization.
• Identify applications that are well suited, as well as those that are not suited, for virtualization.
• Describe why companies should employ virtualization.

Virtualization Defined
• The use of hardware and software to create the perception that one or more entities exist, although the entities, in actuality, are not physically present.
• Using virtualization, we can make one server appear to be many, a desktop computer appear to be running multiple operating systems simultaneously, a network connection appear to exist, or a vast amount of disk space or a vast number of drives appear to be available.

Server Virtualization
• Making one server appear as many. Each virtual server may run the same or different operating systems.
• Server virtualization provides greater CPU utilization, a smaller equipment footprint, less power consumption, and support for multiple operating systems.

Desktop Virtualization
• Allows a user to switch between multiple operating systems on the same computer. (An operating system that resides within a virtualized environment is known as a guest operating system.)
• Some desktop virtualization techniques can provide an operating system environment on demand.
• Desktop virtualization provides support for multiple operating systems, which is very convenient for software developers, testers, and help desk support staff.

Virtualization Technologies
Virtual machines can be created by operating systems, as shown in Figure 5.8, or with hardware, as shown in Figure 5.9. Operating system virtualization can provide more flexibility, while hardware-based virtualization can provide increased performance.
Figures 5.8 and 5.9 (Erl, 2014)

Virtual Networks
• Create the illusion that a user is connected directly to a company network and its resources, although no such physical connection may exist.
• Virtual networks are sometimes called virtual private networks or VPNs. Using a VPN, users can connect to a network and access the network resources from any Internet-connected computer.
• Virtual networks let network administrators segment a network, making different departments such as management, development, and sales appear to have their own separate networks.

Virtual Storage
• Provides users (and applications) with access to scalable and redundant physical storage through the use of abstract, or logical, disk drives or file systems, or a database interface.

Virtual Memory
• Virtual memory combines RAM with a page file on disk to create the illusion, to running programs, of the existence of a vast amount of RAM.

Advantages of Virtual Memory
• A running program (process) appears to have unlimited memory.
• The operating system can easily manage several different programs, running at the same time, and keep each program’s data and instructions secure.
• The operating system can take advantage of disk storage, which is considerably less expensive than RAM.

Disadvantage of Virtual Memory
• The disadvantage of virtual memory is that the paging process (the process of moving instructions and data between RAM and disk) adds overhead, mostly because disk drives are much slower than RAM.

Original Servers
• Server computers originally required their own chassis, disk, power supply, and fan. Servers consumed considerable power, took up considerable space, and generated considerable heat within the data center.

Green Computing
• Power off devices when they are not in use.
• Power up energy-intensive devices, such as laser printers, only when needed.
• Use notebooks when possible instead of desktops.
• Use the computer’s built-in power management features.
• Minimize unnecessary printing.
• Dispose of e-waste (devices, ink cartridges, monitors, and so on) in compliance with government regulations.

Blade Servers
• The blade server is designed to fit within a rack with other blade servers. This reduces the server’s physical footprint, makes the server easier to cool, and reduces the server’s power consumption.

The Problem
• Most servers today are either very busy, running at a high level of CPU utilization, or idle a significant portion of the time, waiting for something to do.

Load Balancing
• Using load balancing, the IT staff can supply the number of servers necessary to meet the server workload at a given time.

Server Virtualization
• Through virtualization, a single physical server can be made to look like multiple separate servers, potentially running different operating systems.

Microsoft Hyper-V
• Microsoft servers now utilize an underlying technology the company refers to as Hyper-V to allow administrators to create virtual servers.

Advantages of Hyper-V
• The ability to consolidate servers and increase CPU utilization
• Enhanced business continuity and disaster recovery
• Ease of deploying testing and support environments
• Enhanced support for Windows-based client virtualization
• Improved load balancing
• Ability to move live virtual machines from one physical server to another on the fly for load balancing and scalability

VMware ESXi
• VMware is one of the best-known providers of virtualization solutions. For companies that need to support multiple operating systems within a virtual-server environment, VMware ESXi provides the solution.
• ESXi provides the following:
  • Support for multiple operating systems
  • Server consolidation
  • Automated resource management to drive disaster recovery and service-level agreements
  • Detailed cost-reporting services
  • Automated load balancing
  • Centralized management and administration of virtual servers and the underlying machines

Virtual Desktop
• The term for a desktop computer that runs two or more operating systems.
• Desktop virtualization allows a desktop computer to run two or more operating systems at the same time and allows a user to quickly switch between the systems.

Advantages of Virtual Desktops
• A single desktop computer can simultaneously run multiple operating systems.
• There is reduced need for duplicate hardware.
• Less power is consumed.

Microsoft Desktop Virtualization Tools
• Microsoft Virtual Desktop Infrastructure (VDI) suite
• Microsoft Application Virtualization (App-V)
• Microsoft Enterprise Desktop Virtualization (MED-V)
• Microsoft Remote Desktop Services (RDS)
• Microsoft User State Virtualization (USV)
• Windows Thin computer

VMware View
• A tool for providing virtual desktops on demand. Using View, system administrators can centralize the on-demand delivery of an operating system and user-assigned applications.

Advantages of VMware View
• Simplified desktop operating system and application management
• Automated desktop provisioning (account generation)
• Virtual-desktop image management
• Support for a variety of client platforms

Virtual Private Network (VPN)
• VPN software uses a secure Internet connection to give the user the illusion that he or she is physically connected to the remote network from his or her current location.

Virtual Network
• A virtual local-area network (VLAN) uses special routers to segment part of the physical network in such a way that the group appears to have its own private network.
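The Virtual Memory slides earlier in this chapter state that paging adds overhead because disk is far slower than RAM. The Python simulation below is an added example, not code from the slides or from Jamsa or Erl: it replays a constructed page-reference string against a fixed number of RAM frames under LRU or FIFO replacement and prices each fault with assumed latencies (100 ns for a RAM reference, 10 ms for a disk transfer). The reference string, frame counts and latencies are all assumptions made for the example.

```python
from collections import OrderedDict

# Constructed cost model (not from the slides): a RAM reference costs about 100 ns,
# while a page fault serviced from the page file on disk costs about 10 ms.
RAM_ACCESS_NS = 100
DISK_FAULT_NS = 10_000_000


def simulate_paging(page_refs, frames, policy="lru"):
    """Replay a page-reference sequence against `frames` RAM frames.

    Returns (hits, faults). The page file is treated as unlimited, so every
    fault succeeds; it simply costs a disk transfer. policy is "lru" or "fifo".
    """
    if policy not in ("lru", "fifo"):
        raise ValueError("policy must be 'lru' or 'fifo'")
    resident = OrderedDict()  # page -> None, ordered from eviction candidate to newest
    hits = faults = 0
    for page in page_refs:
        if page in resident:
            hits += 1
            if policy == "lru":
                resident.move_to_end(page)  # most recently used moves to the back
            continue
        faults += 1
        if len(resident) >= frames:
            # evict the front: the oldest (FIFO) or least recently used (LRU) page
            resident.popitem(last=False)
        resident[page] = None
    return hits, faults


def effective_access_ns(hits, faults, ram_ns=RAM_ACCESS_NS, disk_ns=DISK_FAULT_NS):
    """Average cost per reference: a fault pays the disk transfer and then the RAM access."""
    total = hits + faults
    if total == 0:
        return 0.0
    return (hits * ram_ns + faults * (ram_ns + disk_ns)) / total


def compare_frame_counts(page_refs, frame_counts, policy="lru"):
    """Map each frame count to (faults, average ns per reference) for the given policy."""
    results = {}
    for frames in frame_counts:
        hits, faults = simulate_paging(page_refs, frames, policy)
        results[frames] = (faults, effective_access_ns(hits, faults))
    return results


if __name__ == "__main__":
    # Constructed reference string: a small program cycling through pages 1-5.
    refs = [1, 2, 3, 4, 1, 2, 5, 1, 2, 3, 4, 5]
    for policy in ("lru", "fifo"):
        for frames, (faults, avg_ns) in compare_frame_counts(refs, [3, 4, 5], policy).items():
            print(f"{policy.upper()} {frames} frames: {faults:2d} faults, "
                  f"{avg_ns / 1e6:.2f} ms average per reference")
```

With three frames, ten of the twelve references fault and the average reference costs milliseconds instead of nanoseconds; adding frames (more RAM) cuts the faults. The FIFO run also shows why replacement policy matters: with four frames it faults more often than with three (Belady's anomaly), which LRU avoids on this string.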
Data Storage Virtualization
• Data storage virtualization hides the physical storage device or devices behind the logical presentation that users or applications use to access the space.

Advantages of Cloud-Based Storage
• Scalable disk storage space on demand
• The ability to pay as you go for the needed storage
• Behind-the-scenes backup and data replication
• Support for common operating systems
• Access from anywhere, anytime, and essentially any device
• Ease of document sharing

Disadvantages of Cloud-Based Storage
• Some users are not comfortable with their data residing in the cloud.
• Cloud-based file access is slower than local file access due to network overhead.

Not All Applications Are Appropriate for Virtualization
• Applications with unique hardware requirements: If an application requires a unique device or hardware device driver, the virtualization software may be unable to support the device.
• Graphics-intensive applications: If an application is graphics intensive, such as a 3-D modeling program, the virtual device drivers may slow down the I/O processing to an unacceptable level.

Motivation to Virtualize
• Increased device utilization (particularly CPU utilization)
• Decreased device footprint
• Decreased power consumption
• Simplified operating system and application administration
• Ease of software provisioning and patch releases
• Device and storage scalability
• Increased user access to key resources

Motivation to Virtualize Continued
• Increased flexibility in supporting multiple operating system environments
• Improved use and management of software licenses
• Improved utilization reporting, which leads to improved capacity planning
• Improved disaster recovery and business continuity

Disadvantages of Virtualization
• New staff or staff training may be required to understand the virtualization process.
• Not all applications are well suited for virtualization.
• The virtualization process adds slight overhead, which will make some applications run more slowly.

Key Terms

References

Primary:

Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning.

Secondary:

Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall.

School of Computer & Information Sciences
ITS-532 Cloud Computing
Chapter 9 – Securing the Cloud

Learning Objectives
• List the security advantages of using a cloud-based provider.
• List the security disadvantages of using a cloud-based provider.
• Describe common security threats to cloud-based environments.

Physical Security
• IT data centers have been secured physically to prevent users who do not have a need to physically touch computers, servers, and storage devices from doing so.
• A general security rule is that if an individual can physically touch a device, the individual can more easily break into the device.

Advantages of Cloud Providers with Respect to Security
• Immediate deployment of software patches
• Extended human-relations reach
• Hardware and software redundancy
• Timeliness of incident response
• Specialists instead of personnel

Disadvantages of Cloud-Based Security
• Country or jurisdiction issues
• Multitenant risks
• Malicious insiders
• Vendor lock-in
• Risk of the cloud-based provider failing

Confidentiality
• Confidentiality is the characteristic of something being made accessible only to authorized parties. Within the cloud, confidentiality must be maintained for data in transit and in storage.
Figure 6.1 (Erl, 2014): The message issued by the cloud consumer to the cloud service is considered confidential only if it is not accessed or read by an unauthorized party.

Integrity
• Integrity is the characteristic of not having data altered by an unauthorized party. Integrity extends to how data is stored, processed, and transmitted.
Figure 6.2 (Erl, 2014): The message issued by the cloud consumer to the cloud service is considered to have integrity if it has not been altered.
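The integrity property in Figure 6.2 can be checked mechanically. The Python below is an added example, not code from the slides or from Erl: the cloud consumer appends an HMAC-SHA256 tag computed under a key it shares with the cloud service, the service verifies the tag before accepting the message, and a message altered in transit is rejected. It also shows why an unkeyed checksum is not an integrity control, since whoever alters the message can recompute it. The key, the order message and the edit are all constructed for the example; confidentiality (Figure 6.1) additionally requires encryption of the channel, such as TLS, which is not shown here.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # bytes in an HMAC-SHA256 tag


def protect(key: bytes, message: bytes) -> bytes:
    """Cloud consumer side: append a keyed tag so any alteration in transit is detectable."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, blob: bytes):
    """Cloud service side: return the message if its tag is valid, otherwise None."""
    if len(blob) < TAG_LEN:
        return None
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return message


def unkeyed_checksum_passes(blob: bytes) -> bool:
    """A plain SHA-256 appended to the message detects accidental corruption only:
    anyone who alters the message can recompute it, so it is not an integrity control."""
    if len(blob) < TAG_LEN:
        return False
    message, digest = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hashlib.sha256(message).digest() == digest


def scenario():
    """Constructed exchange: a transfer order sent to a cloud service, intact and then altered."""
    key = secrets.token_bytes(32)  # shared secret provisioned to consumer and service (constructed)
    order = b'{"transfer": 100, "to": "acct-17"}'
    blob = protect(key, order)
    altered_body = order.replace(b"100", b"900")  # the amount is edited while in transit
    return {
        "genuine_accepted": verify(key, blob) == order,
        # the keyed tag no longer matches the altered body, so the service rejects it
        "tampering_detected": verify(key, altered_body + blob[-TAG_LEN:]) is None,
        # a plain checksum can be recomputed alongside the edit, so it still passes
        "plain_checksum_fooled": unkeyed_checksum_passes(
            altered_body + hashlib.sha256(altered_body).digest()),
    }


if __name__ == "__main__":
    for check, result in scenario().items():
        print(f"{check}: {result}")
```

The tag authenticates origin as well as content (the Authenticity term on the next slide): only a holder of the key can produce a valid tag, which is exactly what a plain checksum lacks.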
Basic Terms and Concepts (Erl, 2014)
• Authenticity – being provided by an authorized source
• Availability – being available during a specified time period
• Threat – a potential security violation that can challenge defenses
• Vulnerability – a weakness that can be exploited
• Risk – possibility of loss or harm from an activity
• Security Controls – countermeasures used to prevent or respond to security threats and to reduce or avoid risk
• Security Mechanisms – components of a defensive framework that protects IT resources, information, and services

Security Risk - Flawed Implementation
• Substandard design, implementation, or configuration of cloud services can have serious undesired consequences, such as runtime exceptions and failures.
Figure 6.15 (Erl, 2014): Cloud Service Consumer A’s message triggers a configuration flaw in Cloud Service A, which in turn causes the virtual server that is also hosting Cloud Services B and C to crash.

Risk Management
• To reduce risk in the cloud, a formal risk assessment should be performed as a cyclical process including risk assessment, risk treatment, and risk control.
Figure 6.16 (Erl, 2014): The ongoing risk management process, which can be initiated from any of the three stages.

Real World: McAfee Security as a Service
• McAfee now offers a range of security solutions that deploy from the cloud. The solutions protect e-mail (spam, phishing, redirection, and virus elimination), websites, desktop computers, mobile devices, and more.

Data Storage Wiping
• Within a cloud-based disk storage facility, file wiping overwrites a file’s previous contents when the file is deleted.

Denial of Service Attacks
• A denial-of-service attack is a hacker attack on a site, the goal of which is to consume system resources so that the resources cannot be used by the site’s users.
• The motivation for and the implementation of denial-of-service attacks differ.
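The denial-of-service attack just introduced works by consuming server capacity. One standard server-side mitigation is a per-source token bucket that bounds how many requests any single client can have serviced per second, so a flooding address is throttled without affecting other users. The Python below is an added example, not code from the slides; the rate (5 requests/s), burst allowance (10), source addresses and request timings are all constructed.

```python
from collections import defaultdict


class TokenBucket:
    """Per-source token bucket. Time is integer milliseconds and tokens are kept in
    thousandths so the refill arithmetic stays exact (no floating-point drift)."""

    def __init__(self, rate_per_s: int, burst: int):
        self.rate_mt_per_ms = rate_per_s      # N tokens/s is N millitokens per ms
        self.capacity_mt = burst * 1000
        self.tokens_mt = self.capacity_mt     # a new client starts with a full burst allowance
        self.last_ms = None

    def allow(self, now_ms: int) -> bool:
        if self.last_ms is not None:
            refill = self.rate_mt_per_ms * (now_ms - self.last_ms)
            self.tokens_mt = min(self.capacity_mt, self.tokens_mt + refill)
        self.last_ms = now_ms
        if self.tokens_mt >= 1000:
            self.tokens_mt -= 1000
            return True
        return False  # over budget: drop (or queue) the request


def filter_requests(events, rate_per_s=5, burst=10):
    """events: iterable of (time_ms, source). Returns {source: (allowed, dropped)}."""
    buckets = defaultdict(lambda: TokenBucket(rate_per_s, burst))
    counts = defaultdict(lambda: [0, 0])
    for t_ms, src in sorted(events):
        counts[src][0 if buckets[src].allow(t_ms) else 1] += 1
    return {src: tuple(c) for src, c in counts.items()}


def constructed_events():
    """Constructed request log: one address fires 50 requests within one second
    (a ping-loop style flood); another sends one request per second for five seconds."""
    flood = [(i * 20, "10.0.0.5") for i in range(50)]
    normal = [(i * 1000, "10.0.0.9") for i in range(5)]
    return flood + normal


if __name__ == "__main__":
    for src, (allowed, dropped) in filter_requests(constructed_events()).items():
        print(f"{src}: allowed {allowed}, dropped {dropped}")
```

The flooding address gets its initial burst and then only the refill rate, while the well-behaved address is never dropped; the per-source drop counts are also a useful alerting signal. As the DDoS slide notes, traffic spread across many sources defeats a per-source limit on its own, so this is combined with upstream filtering and spare capacity rather than relied on alone.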
Simple Denial of Service
  :Loop
  ping SomeSite.com
  GOTO Loop
• While responding to the ping messages, the server can handle fewer other requests.

Distributed Denial of Service (DDoS) Attack
• A distributed denial-of-service (DDoS) attack uses multiple computers distributed across the Internet to attack a target site.

Packet Sniffing Attacks
• Network applications communicate by exchanging network packets. Each computer within a wired network examines the message address to determine if the message is for an application it is running.

Packet Sniffing Continued
• A hacker can write code that lets his system examine the content of each packet that travels past it.
• Within a wireless network, hackers can simply monitor the airwaves to intercept packets.
• The cloud, because it allows users to connect to applications from anywhere, increases potential risks. Users may connect from an insecure network or a network in which the wireless traffic is being monitored.
• The best defense against a packet sniffing attack is to use secure (encrypted) connections.

Man-in-the-Middle Attack
• Within a man-in-the-middle attack, a hacker intercepts the messages a user and system are exchanging. The hacker can view and/or change the message contents.

Monitoring Device Screens
• Years ago, when employees accessed sensitive or confidential data only from within their office, the data was better physically protected from prying eyes.
• The cloud, however, extends the delivery of such data to users who are any place, at any time, and often on any device.
• The net result is that within a busy coffee shop or an airport, strangers can see data ranging from human-relations information or customer sales data to student grades, and more.

Malicious Employees
• Companies spend considerable amounts of money trying to protect their data and communications from hackers.
• IT staffs deploy firewalls, use encryption, monitor network traffic for intrusion, and much more. With all of these security features in place, the most difficult challenge for a company to defend itself against is a malicious employee.

Malicious Employees Continued
• Developers, for example, have access to databases, and IT staff members have access to various system passwords, which means that each may have access to human-relations data, payroll data, e-mail content, and so on.
• By shifting data to the cloud, you move sensitive data away from your own employees.

Hypervisor Attack
• When you virtualize a server, each server operating system runs on top of special virtualization software called the hypervisor.
• Hypervisor developers such as VMware and Microsoft constantly focus on ways to lock down and secure the hypervisor to reduce risks.
• The hypervisor will remain an attractive hacker target as companies continue to virtualize solutions.

Hypervisor Attack Continued
• Hackers refer to the process of taking over the hypervisor as a hyperjacking attack.
• To reduce the chance of a hypervisor being taken over by malicious code, the underlying hardware may assign a state value, like a cyclic redundancy check (CRC), to the hypervisor. If this value changes, the hardware can detect that the hypervisor has been attacked or replaced.

Guest Hopping Attack
• Hackers refer to an attack from one guest operating system to another as a guest hopping attack.

Real World: Cloud Security Alliance
• The Cloud Security Alliance is a not-for-profit organization, the goal of which is to promote education on cloud security issues.
• The Cloud Security Alliance consists of a large coalition of cloud practitioners, companies, associations, and other cloud stakeholders.

SQL Injection Attack
• Many web applications present forms that users must complete by filling in fields and then submitting the form contents for processing.
• The application that receives the form data often stores the data within an SQL database.

SQL Injection Attack Continued
• An SQL-injection attack occurs when a malicious user inserts one or more SQL queries within one or more of the fields. For example, rather than simply typing in his or her last name, the hacker might type the following:
  Smith; DROP DATABASE EMPLOYEES;
• Depending on how the database uses the user input, the processing may result in the execution of the injected SQL, which in this case would delete the database of the company’s employees.

SQL Injection Attack Continued
• Many cloud-based software as a service (SaaS) solutions are multitenant applications, which means different customers may share underlying resources such as a database.
• If the SaaS application falls victim to SQL injection, it might be possible for a user in one company to view, change, or destroy the data of another company.

Real World: ENISA
• The European Network and Information Security Agency (ENISA), based in Greece, promotes cybersecurity best practices. Within the ENISA website, you will find a broad range of papers and reports on a variety of security topics.

Improving Physical Security through Colocation
• By using colocated, replicated hardware and software, cloud solution providers reduce many threats to IT resources.

Key Terms

References

Primary:

Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning.

Secondary:

Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall.
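The SQL Injection Attack slides in Chapter 9 give the form input "Smith; DROP DATABASE EMPLOYEES;" and say the outcome depends on how the database uses the input. The Python/SQLite program below is an added example, not code from the slides or from Jamsa or Erl: it builds a constructed employees table, runs the last-name lookup once with string concatenation (the injected statement executes and the table is gone) and once with a parameterized query (the same input is compared as a literal last name and nothing matches). SQLite has no DROP DATABASE, so the constructed payload drops the table instead and closes the quoted literal to fit the query's own quoting; the table, rows and payload are all assumptions made for the example.

```python
import sqlite3

# Constructed payload in the spirit of the slide's "Smith; DROP DATABASE EMPLOYEES;".
# SQLite has no DROP DATABASE, so this variant closes the quoted literal and drops the
# table instead; the final SELECT re-opens a string so the query's trailing quote parses.
INJECTED_LAST_NAME = "Smith'; DROP TABLE employees; SELECT '"


def make_db():
    """Constructed in-memory employee table standing in for the company database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (id INTEGER PRIMARY KEY, last_name TEXT NOT NULL)")
    conn.executemany("INSERT INTO employees (last_name) VALUES (?)", [("Smith",), ("Jones",)])
    conn.commit()
    return conn


def table_exists(conn) -> bool:
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'employees'"
    ).fetchone()
    return row is not None


def run_vulnerable_lookup(conn, last_name) -> bool:
    """Builds the query by string concatenation, so the form field becomes part of the SQL.
    Returns whether the employees table still exists afterwards."""
    sql = "SELECT id FROM employees WHERE last_name = '" + last_name + "';"
    # executescript runs every statement in the string, as many drivers do with a
    # multi-statement batch; that is what lets an injected DROP execute.
    conn.executescript(sql)
    return table_exists(conn)


def lookup_safe(conn, last_name):
    """Parameterized query: the value travels separately from the SQL text and is
    only ever compared as data, whatever characters it contains."""
    rows = conn.execute(
        "SELECT id FROM employees WHERE last_name = ?", (last_name,)
    ).fetchall()
    return [row[0] for row in rows]


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, normal input, table survives:", run_vulnerable_lookup(conn, "Smith"))
    print("vulnerable, injected input, table survives:",
          run_vulnerable_lookup(conn, INJECTED_LAST_NAME))
    conn = make_db()
    print("parameterized, injected input, matching ids:", lookup_safe(conn, INJECTED_LAST_NAME))
    print("parameterized, normal input, matching ids:", lookup_safe(conn, "Smith"))
    print("table survives:", table_exists(conn))
```

In a multitenant SaaS the parameterized query is the primary fix; the database account the application connects with should also lack DROP and cross-tenant privileges, so that a flaw that slips through cannot destroy another customer's data.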