Understanding the security environment of VMs
Understanding the security needs of a virtual machine depends on the depth of understanding how virtual machines operate. For a great many administrators, the way that hypervisors and their guests interoperate is nearly a complete mystery. Many of the explanatory documents treat this subject with highly detailed architecture terminology that is often confusing and more than a few administrators want or need to know.
The primary feature of hypervisor terminology is isolation. Even though management operating systems and all of its guests share a hardware environment, the central purpose of the hypervisor is to create separate environments that are prevented from interfering with each other. While it is usually not a surprise to anyone that guests are walled off from each other, it may not be obvious that the management operating system also lacks direct access to the guests. This can sometimes serve as a point of frustration as administrators often...