Your browser does not allow storing cookies. We recommend enabling them.

Virtual Machine

A virtual machine is a virtual operating system instance run under a hypervisor. A virtual machine may run in a cloud service or may be running on a user's desktop or some server hardware.

Generally, a virtual machine looks like just a normal computer and operating system to anyone logging into it over a network. A virtual machine will usually have virtual disks, virtual network interfaces, and often a virtual display.

A typical server will run up to several dozen virtual machines. Some servers may run hundreds or even thousands of virtual machines.

Guest Operating System and Remote Access

A virtual machine can run almost any guest operating system, including Linux and Windows. Linux virtual machines are typically accessed over the network using SSH. Windows virtual machines are often accessed remotely using Windows remote desktop. Many virtualization systems also give access to the host's virtual console display.

Virtual Machine Device Access

A virtual machine uses virtual devices to interact with the host operating system. The host operating system may emulate actual hardware to allow the guest operating system (i.e., the operating system running on the virtual machine) to access storage, network, and other resources.

Many hypervisors and guest operating systems support paravirtualized device drivers. This means that the guest operating system driver does not actually access emulated hardware; instead, it recognizes it is running on a particular hypervisor, and uses a hypervisor-specific communication mechanism to access the hypervisor's device drivers. The hypervisor may control and map access to its device drivers to enforce security and direct the virtual machine to its own virtual storage.

Containers

A container is a special kind of virtual machine that has no guest operating system. Instead, it is a group of processes isolated from other processes on the same host using special namespaces. In linux, these are called cgroups or control groups.


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now