|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen and VMWare
On 2016-10-23 19:36, J. Eppler wrote: I will comment that this does not on average improve on the security of the code. Take a look at Heartbleed, or CVE-2016-5195 for examples of this. It generally means that fixes happen faster once a bug is found, but not that bugs will be discovered any sooner.Hello, VMWare has two different hypervisors. The first one runs on top of the operating system Windows, Linux and Mac and is comparable to VirtualBox. VMWare uses different names on different operating system for this host based virtualization approach (VMWare Player, Fusion Workstation etc.) The second product is VMWare ESXi which is "bare-metal" or hardware based virtualization solution. VMWare sells various products based on that "bare-metal" virtualization approach ( VMWare vSphere, VMWare Server). Only VMWare ESXi and Xen are comparable since both are "bare-metal" hypervisors. The advantage of Xen is the small attack surface since Xen does not emulate any devices. However, hardware based virtual machines (HVM) need to have emulated generic devices and Xen relies on Qemu for that. VMWare ESXi has a larger attack surface, since, as far as I know, they include drivers and emulated devices in their hypervisor. (http://ieeexplore.ieee.org/document/6759218/?arnumber=6759218) However, it is not possible to say which one is more or less secure. Both Xen (Citirx) and VMWare working hard to make their hypervisors secure as possible. But I myself prefer Xen, because it is: 1. Open Source - I and everybody else can audit, verify, improve, modify the source code 2. It has a small attack surface and a micro architecture design I too prefer Xen for both reasons you listed, as well as: 3. It's free.4. It doesn't impose unnecessary restrictions on what peripheral hardware you can have on your VM host (ESXi gets very picky about NIC's and storage controllers). 5. I find the management tooling much easier to use (this is of course opinion, and I'm referring just to XL). best regards J. Eppler On 10/23/2016 04:54 PM, Jason Long wrote:Hello. Why someone say that VMWare security is better than Xen? I use Xen and it is so cool but someone told Xen has security problem and one reason for low market is its security!!!! I guess Xen market is good and many companies like host providers and cloud use Xen. Any idea? Thank you. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx https://lists.xen.org/xen-users_______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx https://lists.xen.org/xen-users _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx https://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |