Write My Paper Button

WhatsApp Widget

Week 1 Project Template Joe S. Kingston CMIT 495 Current Trends and

Week 1 Project Template Joe S. Kingston

CMIT 495 Current Trends and Projects in Computer Networks and Security

Week 1 – Virtualization

Log in to your newly created AWS account and take a screen capture of the AWS Console (Dashboard) and embed it below.

Provide a detailed overview of the steps required to provision (create) and launch an AWS Ubuntu-based server virtual instance. The steps may be listed in bullet points or complete sentences. Use as much space as required.

● Log on to your AWS Management Console

● Click Launch a Virtual Machine With EC2

● Find Ubuntu Server 20.04 LTS (HVM), SSD Volume Type and click Select

● Leave everything default and click Review and Launch

● You have a chance to review everything once you are done click Launch

● You will be asked to Select an existing key pair or create a new key pair

● Create a new key pair and input a key pair name

● Download the Key Pair and click to Launch Instances

● You should see Your instances are now launching status in green

● Click the View Instances to view your instances status

What are the benefits of virtualization in a cloud environment? Discuss a minimum of three benefits in detail.

One of the significant benefits is disaster recovery. Disaster recovery in cloud computing can effectively deal with most issues of traditional disaster recovery. You don’t need to build a secondary physical site and buy additional hardware and software to support critical operations. With disaster recovery in cloud computing, you get access to cloud storage, which can be used as a secondary DR site. Disaster recovery in cloud computing can be performed in a matter of minutes from anywhere.

The second benefit faster deployment of servers and applications. Usually, it would take time to buy physical servers, rack mounts them, change management, and other checklist items that companies have to do to deploy newer hardware and applications. This would take days and weeks for technical workers to maintain and install devices and software on physical servers. With the cloud, servers and applications can be deployed in minutes.

The third benefit is you get to cut down on the number of physical servers in your organization. This reduces the amount of power being used and helps with the carbon footprint of the data center.

https://www.quickstart.com/blog/5-benefits-of-virtualization-in-a-cloud-environment/

5 Important Benefits of Virtualization in Cloud Computing

Based on your experience, what was the most challenging aspect of provisioning and launching the AWS Ubuntu-based server instance in the AWS virtual environment?

I didn’t have any problems since I use AWS to deploy WordPress and other operating systems in the cloud before.

Configure your local host computer to use an SSH client application to interact with the newly created and running AWS Ubuntu virtual instance. If using a Windows-based local computer, read over the AWS document, “Connect to your Linux instance from Windows using PuTTY”, download and install PuTTY or use Windows 10 built-in OpenSSH client.

From the local computer establish an SSH connection to the AWS Ubuntu Server virtual instance, login, and update the Ubuntu Server using and sudo apt-get upgrade. Perform a screen capture after having each command successfully run.

sudo apt-get update

sudo apt-get upgrade

Next, describe in depth what the update and upgrade commands are doing (explain why it is important to run these commands, how often should these commands be run, where do the commands pull the updates).

The command update is used to resynchronize the package index files from their sources. The indexes of available packages are fetched from the location(s) specified in /etc/apt/sources.list.

The command upgrade is used to install the newest versions of all packages currently installed on the system from the sources enumerated in /etc/apt/sources.list.

The commands should be run once a week to get any security patches. These patches might include repairing security holes that have been discovered and fixing or removing computer bugs.

Source: https://ostoday.org/linux/how-often-should-you-update-linux.html

https://www.cyberciti.biz/faq/what-does-sudo-apt-get-update-command-do-on-ubuntu-debian/

After successfully deploying the Ubuntu Server operating system updates and upgrades, reconnect to the AWS EC2 console, and if needed login again via an SSH client (Note: SSH session inactivity timeout is short). Instructions to SSH are provided by Amazon on how to do so. When connected, run the following commands to obtain information about the host and network settings (perform a screen capture of the results and embed below):

What kind of account did you discover when you ran the whoami command? How do you know? The command whoami showed the current login user who is ubuntu. This is the account I used to SSH in with when I configured my SSH client.

Note the difference between IP addresses—specifically, when you perform the ip a show or ipconfig on your personal system, versus the ip a show command within the EC2 instance VM command prompt. Describe the network settings of each system. Why are the IP addresses different? Are the IP addresses private or public? What is the difference between a public and private IP address? Explain in detail.

Both operating systems are using a private range IPv4 addressing a router assigned that. A private IP address is a range of non-internet-facing IP addresses used in an internal network. The public IP addresses can be used to communicate over the public internet outside a private network.

The reason why they are different is that a router assigned it using DHCP. My network using pfSense, which is different from than AWS network.

Virtualization allows us to place the functionality of many servers into a single host while maintaining configurable levels of separation between all virtual machines. How do you believe virtualization could help in data center consolidation? What would you be leery about during and after any transition? Virtualization can reduce the number of servers that are running applications at a fraction of their available hardware resources. IT staff can virtualize them on fewer more powerful machines and save both on hardware costs and power. Also, this reduces the amount of power needed to keep the servers cool in the datacenter, rack space and carbon footprint. The part you have to be leery about is backups and disaster recovery. Hosting on any cloud provider can make this easier but plans still be in place and testing needs to be done to ensure you can recover in case of a issues with the data or cloud provider itself.

Physical to virtual or P2V of a datacenter creates a much smaller carbon footprint. It takes time

and money to house server stacks. Less big box servers require less power, less space and less

HVAC to cool said space. Physical security plays a role as well. A full blown data center with rows

and rows of servers much like the Marine Corps Enterprise Network (MCEN) datacenter requires

constant upkeep and manpower to do so, and we have just scratched the surface of

virtualization/ datacenter consolidation. Currently, there are servers spread throughout our AO.

This is a physical security nightmare.

Aside from the physical advances, virtualization allows a more manageable, scalable, and

flexible datacenter. After consolidation of a data center, administrators are offered a fully

operation server build as well as a self-contained lab environment to update, configure and prep

for future operations. Both running simultaneously. If/when required, an in-place upgrade can

be performed, therefore providing continuous/ uninterrupted services to end-users.

Things to be leery of:

It is highly recommended to have a COOP or continuous of operation plan for your datacenter,

especially with datacenter consolidation. In the event of a fire or disaster all is lost without an

offsite COOP for restoration and disaster recovery. It is not advised to have one “single point of

failure” therefore multiple physical hosts should be available when hosting a multitude of virtual

servers within one host as well as software and backups configurations.

Additional concerns are listed as followed:

-Routine backup of Storage area Network SAN

-managing and deploy a planned virtual machine life cycle of WMs. This will recover unneeded/

unutilized virtual instances to prevent excessive images running on a single device. This is

commonly referred to at WM sprawl.

-One thing to still be concerned with is the remaining licenses cost of virtual machines. Software

licenses still persist in a virtual environment.

-User access is a concern an intentional (or UN-intentional) insider threat is always a concern

especially when consolidating services where damage done can bring down an entire network.

Does virtualization increase the cybersecurity posture of the organization? If so, describe how and why. If not, describe how and why not.

In my opinion, virtualization does not increase the cybersecurity posture of an organization.

There are a laundry list of virtualization specific attacks. Virtualization opens up a whole new

window for potential attackers to exploit. Virtual Machines all on the same host or with access

to memory on the host machine create opportunities for exploitation. If an attacker gains access

to the hypervisor on the hosting/physical machine it can potentially compromise all the VMs on

that machine, as well as other physical servers. Likewise, if a virtual machine is compromised it

can potentially compromise all the WMs running alongside it. “Traditional threats such as:

Legacy viruses, Trojans, rookits, keyloggers and other malware can all do substantial damage to

a VM and its host. Additionally, an infected VM can carry out attacks against other VMs as well

as other physical servers on the network” (Avenging, 2012).

There are various virtualization options: bare-metal (Type 1) in which the hypervisors run directly on the hardware as their own operating systems, and user-space (Type 2) hypervisors that run within the conventional operating systems. Which of these options is more secure? Describe the vulnerabilities you believe exist in either Type 1, Type 2, or both configurations. What do you believe can be done to mitigate these vulnerabilities?

As mentioned above, Bare-metal (type 1) is more secure. Bare-metal is sometimes referred to as

Native hypervisor which runs directly on a system’s hardware. When utilizing Bare-metal (type

1) virtualization option, the virtual machine (guest machine) OS runs on a completely different

or isolated level than that of the (host machine), which run directly above the hypervisor. By

implementing type-1 client hypervisor are creating another layer of security which makes more

difficult for attacks to access the virtual machine due to an additional layer of security.

On the other hand, User-space (type 2) runs on a system’s existing operating system (OS). Like I

said, the type 2 is hosted or installed on an already existing OS and the existing OS houses other

operating systems that is above it. “With type 2, any problem or problems occurring within the

(host machines) OS will affect (guest machines) operating system that are running on the

hypervisor. It affects the hypervisor itself, although sometime the hypervisor running above the

operating system might be secured but the guest operating system wouldn’t be” (Int J.

Comm,2015).

Reference:

Int. J. Communications, Network and System Sciences, 2015, 8, 260-273 Published Online July

2015 in SciRes. http://www.scirp.org/journal/ijcns http://dx.doi.org/10.4236/ijcns.2015.87026

Given that, what do you believe can be done to mitigate these vulnerabilities?

Upon completion of this assignment, export your file as a PDF and upload to the

LEO/Assignments folder.

Week 1 Assignment Timothy Cope

To answer the last portion of this question, I have listed a few ways to mitigate security

vulnerabilities.

Host machine Security – this is the machine housing the parenting operating system for a virtual

machine and in some cases it’s used to host the guest OS and share resources between VMs on

the same host. Virtualizing enables sharing of data with other VMs by using disks or folders

housed by the most machine. Pushing updates systematically and running backups of physical

as well as virtual drives are recommended.

Hypervisor security:

1.) Immediately installing hypervisor updates released by vendors and automatically updating

software is recommended.

2.) Secure with thin hypervisors reduces the chances of an attack by malicious code which has

potential to reach the hypervisor.

3.) For physical security of a network you would shut off any unused port and not connecting

any unknown machine to the network. The same goes for virtualizing…if you aren’t using file

sharing service or any other service between the guests and host OS, disable those services to

prevent risk of exploitation.

4.) An administrator must establish security between guest operating systems in order for them

to communicate. Thing of this just as a non-virtualized environment impediments firewalls.

5.) When running Bare-metal, it is recommended that guest OS run at a lower privilege level

then the housing OS.

-Sandboxing:

Which brings us to Sandboxing. Sandboxing is a tool utilize to separate running programs with

untested code and/or programs from an unverified external party. The primary goal of

sandboxing is to harden virtualization security by isolating applications running on an OS in

order to defend from outside malicious software such as malware, viruses or denial of service.

Confirm that you have stopped and terminated your AWS Linux server instance. To confirm, simply type your name below.

Joe Kingston

Export/print your completed file as a PDF and upload to your LEO/Assignments folder.

The post Week 1 Project Template Joe S. Kingston CMIT 495 Current Trends and appeared first on PapersSpot.

Don`t copy text!
WeCreativez WhatsApp Support
Our customer support team is here to answer your questions. Ask us anything!
???? Hi, how can I help?