The hardware-based VM discovery system operates in the physical hardware and provides the capability to locate hypervisors in memory and analyze nested virtualization setups showing the relationships among machines. It provides a transparent mechanism to recognize and support the address space of the virtual machines.

In Figure 1, a master VM discovery system monitor communicates with each host’s hardware VM discovery system. It monitors the number and security state of each VM, referring to security policy and responding if a rogue VM is discovered. VM discovery normally requires access to the physical memory of a machine to perform OS and memory mapping and automatic detection.

Figure 1 – An example of a VM discovery architecture.

Related Patterns:

• Detecting and Mitigating User-Installed VMs

This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.

For more information regarding the Cloud Certified Professional (CCP) curriculum, visit www.arcitura.com/ccp.

This cloud computing mechanism is also covered in:

Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour

(ISBN: 9780133858563, Hardcover, ~ 528 pages)

For more information about this book, visit www.arcitura.com/books.