Virtualization/shadowing Based Security Products


welo

The topic came up in two other threads and caught my interest. Didn't want to hijack those other threads so I start a new topic...

Take a look at the DEEP FREEZE, SHADOW DEFENDER, RETURNIL, SHADOW USER group of software. These let you run in virtual/shadow mode. As you browse, nothing is written to the real drive; the changes only take place on the shadow/virtual drive, which evaporate on reboot, and your real disk remains in its original virginal state.

Virtualization and Sandboxing is powerful stuff and will become even more popular (and easy to use) in the future. I see 4 different types of 'sandboxing' with different levels of isolation (separating virtualized components from the 'real' system).

  1. virtual machines - vmware, virtualbox, VirtualPC, etc
  2. shadowing (based on disk virtualization/cloning AFAIK) - Returnil, Deep Freeze, TrueImage etc
  3. sandboxing (of a process) - Sandboxie, GeSWall, etc
  4. rollback software - Rollback Rx, Windows System Restore, ..
  5. restrict permissions (for a process) - DropMyRights, PSExec, etc...

4. and 5. are more 'classic' techniques, one might argue they don't even fit into the category virtualization/sandboxing.

I can think of use-cases where each solution would make sense. Looking at 1-3, I personally favor 1. and 3. since your computer remains available for 'standard' use without worrying too much about data getting lost due to rollback. However, virtual machines do have limitations when it comes to 3D and performance.

For securing your web browsing I guess sandboxing should be enough in most cases (on a proper OS even 5. should be enough :) )

Does anybody use shadowing services on a regular basis, and if so, for what use-cases?

welo

Link to comment

I use rsnapshot to back up remote webservers and databases. It allows you to create a time-series of backups that are run automatically/scheduled over SSH using key-based authentication. It only downloads changes at the block level, and if a file exists on the backup disk already it doesn't duplicate it, it just makes a hard link to it, so it is amazingly space efficient.

You can stagger the frequency of backups, so I have one backup every 4 hours for the last day, one backup for every day of the last week, one backup for every week in the last month, and one backup for each of the last 3 months. Can step into any of them and recover an individual file or the whole system if needed. Completely brilliant piece of software and it's free.

Case in point: I used to back up my 2GB work site manually once a week over FTP and it would take about 6 hours if the internet connection didn't crap out and require a restart. rsnapshot does the same job automatically every 4 hours and only takes about 3 minutes, because it only deals with the changes. If you want to back up any kind of Linux-based server or computer, look no further.

Link to comment
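
The hard-link behaviour described in the post above, as an added example that is not part of the original post and is not rsnapshot's own code. It is a local, simplified shell model; `take_snapshot`, `same_inode`, the `snap.N` directory names and the sample files are all assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not rsnapshot's own code: a local, simplified model of
# hard-link snapshot rotation. All paths and file names are constructed.

# take_snapshot SRC ROOT KEEP: rotate snap.N and build a fresh snap.0
take_snapshot() {
    src=$1; root=$2; keep=$3
    mkdir -p "$root"
    rm -rf "$root/snap.$((keep - 1))"            # expire the oldest snapshot
    i=$((keep - 2))
    while [ "$i" -ge 0 ]; do                     # shift snap.i -> snap.(i+1)
        if [ -d "$root/snap.$i" ]; then mv "$root/snap.$i" "$root/snap.$((i + 1))"; fi
        i=$((i - 1))
    done
    mkdir "$root/snap.0"
    (cd "$src" && find . -type f) | while IFS= read -r f; do
        mkdir -p "$root/snap.0/$(dirname "$f")"
        if [ -f "$root/snap.1/$f" ] && cmp -s "$src/$f" "$root/snap.1/$f"; then
            ln "$root/snap.1/$f" "$root/snap.0/$f"   # unchanged: hard link only
        else
            cp -p "$src/$f" "$root/snap.0/$f"        # new or changed: real copy
        fi
    done
}

# same_inode A B: true when both names point at the same data on disk
same_inode() {
    [ "$(ls -i "$1" | awk '{print $1}')" = "$(ls -i "$2" | awk '{print $1}')" ]
}

# demo: two snapshots of a constructed two-file "site"; prints what is shared
demo() {
    work=$(mktemp -d)
    mkdir -p "$work/site"
    echo "static page" > "$work/site/index.html"
    echo "setting=1"   > "$work/site/app.conf"
    take_snapshot "$work/site" "$work/backup" 3
    echo "setting=2"   > "$work/site/app.conf"       # only this file changes
    take_snapshot "$work/site" "$work/backup" 3
    for f in index.html app.conf; do
        if same_inode "$work/backup/snap.0/$f" "$work/backup/snap.1/$f"; then
            echo "$f: shared between snap.0 and snap.1"
        else
            echo "$f: stored separately"
        fi
    done
    rm -rf "$work"
}
demo
```

Because an unchanged file is a single inode shared by every snapshot that contains it, editing it in place inside one snapshot directory changes it in all of them; restore by copying files out, and keep the snapshot tree read-only to anything but the backup job.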

I am using VMware ESXi and VMware Server; both have snapshot features. Since databases are running, automated scheduled DB backups are also active, but I do make manual copies to a separate location.

For Webserver I am using R1Soft Continuous Data Protection http://www.r1soft.com/

If in house data security is the key issue then I would go for some Data Storage Server and as far as I have read Solaris ZFS is an excellent choice http://www.sun.com/software/solaris/ds/zfs.jsp

Link to comment

What are the use-case scenarios for VMware (in your case)? I wondered whether it is common practice nowadays to set up servers with virtual machines for ease of maintenance. Neglecting the license costs for software, is the performance drawback really small enough to follow that strategy, especially if database servers are involved?

And nobody here is using shadowing software yet for their home PC or for workstations in a company? The first use-case that comes to my mind would be internet cafes or other PCs with public access. But I am still wondering whether setup and handling is straightforward enough to make this kind of software usable on an everyday basis (e.g. to test software) and if it's to be favored over e.g. Windows System Restore.

welo

Link to comment

I am using a single quad core with 8 GB RAM and mdadm software RAID to host 5 VMs, so in my case it is saving me hardware cost. Since the DB load is not that high, the performance is as good as a dedicated server. VMware is installed on Ubuntu Server and most of the guest OSes are Linux based.

Another site has ESXi 4 hosting a Terminal Server and again performance is very good. If you are using a Microsoft OS for guest VMs, you have to pay for license fees, so as such there is no cost saving.

It is easy to move the VMs from one server to another in case of a server failure. If you are using VMotion it will be very easy to move running virtual machines from one physical server to another. This feature is free in XenServer from Citrix, which is also a very nice product.

Link to comment

I guess it is all about easing maintenance, is it? If the load allows it you could probably configure most applications to share one system environment (same OS), but considering maintenance and also availability and risk maintenance, that is probably a bad idea. But how far do you take that idea: do you keep servers and services together (namely web server and database) or do you split them up on separate VMs so you are more flexible moving them around? Of course this always depends on the particular scenario, but I would be interested in your personal experience and the usage patterns you have developed so far.

welo

Link to comment

>>I guess it is all about easing maintenance, is it.

Ease of maintenance is one of the benefits of virtualization.

>>But how far do you take that idea, do you keep servers and services together (namely web server and database)

It depends upon the client load. You can easily create multiple Web Server VMs connected to a separate DB Server VM.

>>But I would be interested in your personal experience and usage patterns you developed so far

For business applications, I am using one VM for the DB Server, another VM for the Terminal Server and a third one to serve the executable files, although you can have a single server for all this.

For web applications, at the moment I am only using a single VM, but again it can easily be multiple VMs to distribute the load.

For me the ideal scenario will be creating one Storage Server with RAID (Solaris ZFS) and 2 Citrix XenServers with VMotion, and everything is taken care of. For more redundancy you can have an additional Storage Server.

I have not tested the above scenario; I will be doing it as soon as I get time and proper hardware :)

For reference:

http://www.sun.com/software/solaris/ds/zfs.jsp

http://www.citrix.com/English/ps2/products...ntentID=1686939

Link to comment

Thanks for your reply. Had a quick look at Citrix Xenserver. I don't really get their current business model. Since XenServer is free, what features or tools are missing, or is it only support and training that they make money with?

welo

Link to comment

Xen is the leading open source hypervisor for servers. It is adapted by Citrix and they have added some nice features for free. Additionally, they are selling Citrix Essentials for XenServer, which extends the advanced server virtualization management capabilities of XenServer. http://www.citrix.com/English/ps2/products...ntentID=1686940

All the major hypervisor companies, like VMware -> ESXi, Microsoft -> Hyper-V, Citrix -> XenServer, have made these products free and they are charging for some additional features which are not necessarily always required for normal deployments.

I have never used Sandboxie, and why should I use it when a high quality virtualization product is freely available? For desktop I would recommend Oracle/Sun VirtualBox, which I am using on both Linux and Windows platforms.

It's really nice. Just buy one good server and have all your business needs taken care of. Like:

VM1 for Routing, Firewall, Antivirus, Antispam, VPN for Physical Networks.

VM2 for Email Server

VM3 for Company DB Server

VM4 for Application / Web Server

VM5 for NAS or SAN

VM6 for CRM

and so on... until you find that you need an additional server, and then you put in a SAN / NFS server and 2 hypervisors with VMotion, adding more hypervisors as and when required.

Cheers

Edited by tariq786
Link to comment