[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen and VMWare

  • To: xen-users@xxxxxxxxxxxxx
  • From: "Austin S. Hemmelgarn" <ahferroin7@xxxxxxxxx>
  • Date: Mon, 24 Oct 2016 07:58:10 -0400
  • Delivery-date: Mon, 24 Oct 2016 11:59:32 +0000
  • List-id: Xen user discussion <xen-users.lists.xen.org>

On 2016-10-23 19:36, J. Eppler wrote:

VMWare has two different hypervisors. The first one runs on top of the
operating system Windows, Linux and Mac and is comparable to VirtualBox.
VMWare uses different names on different operating system for this host
based virtualization approach (VMWare Player, Fusion Workstation etc.)

The second product is VMWare ESXi which is "bare-metal" or hardware
based virtualization solution. VMWare sells various products based on
that "bare-metal" virtualization approach ( VMWare vSphere, VMWare Server).

Only VMWare ESXi and Xen are comparable since both are "bare-metal"
hypervisors. The advantage of Xen is the small attack surface since Xen
does not emulate any devices. However, hardware based virtual machines
(HVM) need to have emulated generic devices and Xen relies on Qemu for

VMWare ESXi has a larger attack surface, since, as far as I know, they
include drivers and emulated devices in their hypervisor.

However, it is not possible to say which one is more or less secure.
Both Xen (Citirx) and VMWare working hard to make their hypervisors
secure as possible.

But I myself prefer Xen, because it is:
1. Open Source - I and everybody else can audit, verify, improve, modify
the source code
I will comment that this does not on average improve on the security of the code. Take a look at Heartbleed, or CVE-2016-5195 for examples of this. It generally means that fixes happen faster once a bug is found, but not that bugs will be discovered any sooner.
2. It has a small attack surface and a micro architecture design

I too prefer Xen for both reasons you listed, as well as:
3. It's free.
4. It doesn't impose unnecessary restrictions on what peripheral hardware you can have on your VM host (ESXi gets very picky about NIC's and storage controllers). 5. I find the management tooling much easier to use (this is of course opinion, and I'm referring just to XL).

best regards
  J. Eppler

On 10/23/2016 04:54 PM, Jason Long wrote:
Why someone say that VMWare security is better than Xen? I use Xen and it is so 
cool but someone told Xen has security problem and one reason for low market is 
its security!!!! I guess Xen market is good and many companies like host 
providers and cloud use Xen.
Any idea?

Thank you.

Xen-users mailing list

Xen-users mailing list

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.