What are thin hypervisors and are they more secure than other hypervisors?
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Type 1 (bare-metal) hypervisors benefit virtual environments by serving as the only interface between virtualized workloads and the underlying hardware. There is no underlying operating system because the hypervisor acts as the OS for all practical purposes.
Thin hypervisors, on the other hand, are OS-independent, with the goal of running as efficiently as possible with minimal computing overhead. Minimizing the hypervisor also reduces the attack surface by limiting the number of ways malicious code could reach the hypervisor. Keeping the hypervisor simple helps keep it secure.
For example, VMware removed the console operating system from vSphere 5.1. Removing extra software reduces potential vulnerabilities. VMware claims this move makes the hypervisor much smaller, simplifies its deployment and reduces the need for patching.
The vendor also added two additional capabilities to address security. First, you can only install software with digital signatures on a vSphere host, which makes it almost impossible for unsigned software -- such as malware -- to make its way onto the virtual server. The hypervisor also includes application programming interfaces that enable monitoring and management without agents that could be compromised with malware.
Dig Deeper on Virtualization security and patch management
Related Q&A from Stephen J. Bigelow
Photon OS optimizes VMware Photon platform deployment, not only in vSphere but in GCE, EC2 and more. Follow these steps to learn how to run Photon OS...continue reading
Performance problems can be caused by a number of things, including overprovisioning and poor vCPU selection and assignment to VMs. Use these ...continue reading
Think about what types of workloads are running on a VM before assigning compute resources, and consider using vCPUs from different cores for ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.