A sandbox system, running as a guest operating system on a host
machine, only goes so far in preventing data losses and security
breaches. If the host system is compromised, the guest system is
too. Sentillion addresses this problem with vThere Virtualization
Suite 2.0, a guest hosting system that allows for remote control,
configuration and security management across a VPN or WAN.
The vThere suite has advantages over emulators such as
Microsoft’s VirtualPC, particularly if a host computer is
stolen or lost. While the guest operating system can be denied
network access with VirtualPC, its disk images can be mounted on a
different system, exposing the data. VMware has the same
Achilles’ heel. vThere’s Player—the emulated PC
workstation that resides in a separate space on a host
computer—is different: immediately after a system
that’s been reported missing logs into the network, network
administration disables the image remotely.
NEW PLAYER
With vThere 2.0, Sentillion dropped VMware’s
virtualization engine as its end-user component and adopted
Parallels’ Player instead. The Player resides on the host,
but shares only a few hardware resources—namely, a virtual
disk drive and network connection. All other elements are
emulated.
Sentillion says the move to the Parallels Player resulted in a
tighter codebase for the emulation task; that is, Parallels works
closely with Sentillion when it’s time to update that engine.
Updates are tested with vThere and other applications to eliminate
the risk of a general update to Parallels’ software breaking
vThere functionality.
To create a virtual environment which can then be used by any
number of users, the admin creates a Windows configuration and adds
applications such as development tools, Adobe Reader, firewall and
antivirus software, e-mail client and Microsoft Office. The system
is then imaged for deployment on vThere. At this point, the image
looks and behaves much like any Windows OS installation, except
that all processing takes place on the VM, not the host.
The administrator uses vThere’s flexible Virtual Image
Creator tool to build a gold master, with specific characteristics
based on user roles. Once deployed, the master image can’t be
changed—a new version must be deployed if the remote
user’s role changes. We configured our Windows-based test-bed
systems with various memory ceilings, default display settings,
domain and network registrations, individual workstation IDs, and
even USB configurations.
When complete, the gold master image may be copied to the end
user’s system as an .ISO image or sent over a secure,
encrypted Web transfer.
PERFORMANCE
Sentillion recommends at least 1 GB of RAM (512 MB each for the
host OS and the Player) and a minimum of 13 GB of available drive
space for deploying vThere. Although our Windows XP Professional
test system had ample disk space—a SATA hard drive with 35 of
160 GB available—the virtual hard drive can grow as files are
saved. During the image creation, the administrator can adjust the
virtual hard drive’s size to account for the free disk space
on the end user’s system.
Our test system had only 512 MB of RAM, and as a result we
experienced some slowdowns. Nevertheless, multimedia applications
such as video playback, audio playback and recording were
responsive. That’s because the Parallels Player directly
accesses host video hardware, so video overlay isn’t a
problem. When we added Sun’s OpenOffice, Mozilla Firefox,
Adobe Acrobat and Grisoft’s AVG antivirus suite to our
virtual setup, we found their performance indistinguishable from
the real thing.
SECURITY
Sentillion’s vThere includes several features to protect
data, even if the ISO image, or the physical media it is on, is
compromised. Because the ISO image’s first 5-KB block is
fully encrypted, the file-allocation table of a compromised virtual
hard drive image is effectively unreadable. Even if the rest of the
data on the ISO image could somehow be read, it would be
meaningless without a file structure.
Furthermore, every byte of every block of data the user downloads
in a distributed Web package is completely encrypted. In both
cases, the encryption used is the highly secure AES-256.
While corrupted clear data could be recovered using a standard
disk-recovery tool launched from within the Player software, the
virtual hard drive image cannot be mounted as a separate device and
read by another Windows session or hosted OS. This is unique to the
Parallels Player and the vThere application.
Finally, if a host computer is stolen or compromised,
vThere’s virtual environment is effectively locked. The next
time the device and Player connect to the Internet, the
installation is invalidated and uninstalled remotely. Even if the
asset’s physical drive is write protected, the virtual hard
drive is unusable as it can’t launch Windows. Nor can the
data be extracted by hand. vThere cannot be used with a VPN
connection (see diagram). Thus, unless the VPN is internally
compromised and the administrators unaware, a lost asset with
vThere connectivity is no security risk.
Although we were impressed with vThere’s overall performance
once it was configured, installed and deployed, we had a few minor
quibbles with the product. The suite is usable only on a Windows
system, for instance. No support for Mac OS or Linux as the host or
guest OS is planned. Currently, configuring a virtualized server is
out of the question (only Windows XP with Service Pack 2 is
supported). Furthermore, though various applications can be
installed, the player can’t create DVDs or burn CDs.
Sentillion’s pricing structure is $795 per seat of the VIC
(Virtual Image Creator), $125 per named user seat, with a 22
percent annual maintenance fee. Certainly, it’s possible to
convince independent contractors to deploy the Player on their own
systems rather than handing them a separate laptop.
As for employees who use the enterprise’s equipment, the
advantage comes from the security of knowing the virtual data is
secure. The benefits outweigh the costs for having an instantly
restorable or re-deployable virtual asset. With that said, the onus
lies on IT management to ensure that physical assets can handle the
load the guest operating system can put on the host system.