Businesses looking for safer virtual desktops can cut the risk of attacks if they run their virtual-machine hypervisors directly on computer hardware, eliminating reliance on separate operating systems that can be vulnerable to attack.
Most recently Citrix is teaming up with Intel to optimize its XenDesktop software for desktops and laptops based on Intel Core2 and Centrino 2 processors, with the product scheduled to be available in the second half of this year.
Beyond the security implications, client hypervisors offer the additional management benefits of centralizing content, enforcing access control to desktop images, updating and patching desktops and supporting multiple virtual machines on a single device while keeping them isolated from each other.
The Citrix offering will run directly on the client desktop or laptop as opposed to running on top of a separate operating system that is running on the hardware.
The Citrix client hypervisor is scheduled to be available around the time that VMware releases its client hypervisor. But the difference is that VMware's runs on top of the host machine's operating system, says Mark Bowker, an analyst with Enterprise Strategy Group.
In addition to teaming with Intel, Citrix is working with Dell with the goals of certifying that the hardware and software work together and of delivering the hypervisors on Dell desktops and notebooks that are powered by Intel vPro chips, says Juan Vega, a Dell senior product marketing strategist.
Dell hasn't decided yet whether the hypervisor will ship standard with the devices or be sold separately, Vega says.
Management benefits of having a hypervisor running on client machines include keeping desktop images centrally stored and encapsulated as virtual machines. As such, their security settings can be altered — patches applied, security settings updated — once on a server, then deployed or synched to remote machines.
The virtual desktop model employing a hypervisor differs from the model where the laptop or desktop has a thin client that receives images of the desktop from a server shared by other virtual desktops. Because machines with their own client hypervisors have dedicated computing power, they can deliver better application performance and graphics, Citrix claims.
Citrix says its client hypervisor will support multiple isolated virtual desktops per machine, making it possible to deploy a corporate virtual machine on a device that has a VM containing personal data and applications without risk of one corrupting the other.
Because these virtual machines are encapsulated, they can be readily encrypted, Bowker says, making them more secure if the machines being used are mobile or not managed by the corporation.
The security boost that comes from removing the operating system from between the hardware and the hypervisor doesn't necessarily eliminate attacks, according to a competitor of Citrix.
In the absence of an operating system to attack, malicious parties can attack the hypervisor itself, says Dave Kleidemacher, CTO of Integrity Global Services, which sells a client hypervisor with the highest U.S. government security rating, known as EAL 6+. It's the only one on the market, Integrity claims.
The highest rating possible for hypervisors not designed specifically with EAL 6+ criteria in mind is EAL 4, he says. “The bar is so much lower,” he says. The higher rating is awarded to software that can withstand persistent attacks from knowledgeable, well-funded adversaries, he says.
In the real world, there have been no successful hypervisor exploits, although security researcher Joanna Rutkowska described last year at the Black Hat security conference ways to subvert the Xen server hypervisor with rootkits.
“It's more theoretical,” says Natalie Lambert, an analyst with Forrester Research who says she has not heard from customers about their hypervisors being exploited. “Security folks use it as a stop mechanism to not let virtualization projects move forward.”