Teco loco

Solo disponible en BuenasTareas
  • Páginas : 43 (10701 palabras )
  • Descarga(s) : 4
  • Publicado : 19 de julio de 2010
Leer documento completo
Vista previa del texto
Virtual Appliances for Deploying and Maintaining Software
Constantine Sapuntzakis David Brumley Ramesh Chandra Nickolai Zeldovich Jim Chow Monica S. Lam Mendel Rosenblum Computer Systems Laboratory Stanford University {csapuntz, dbrumley, rameshch, nickolai, jchow, lam, mendel}@cs.stanford.edu

Abstract
This paper attempts to address the complexity of system administration by making the laborof applying software updates independent of the number of computers on which the software is run. Complete networks of machines are packaged up as data; we refer to them as virtual appliances. The publisher of an appliance controls the software installed on the appliance, from the operating system to the applications, and is responsible for keeping the appliance up to date. These appliances canbe configured by users to fit their needs; the configuration is captured such that it can be reapplied automatically when the appliance’s software is updated. We have developed a compute utility, called the Collective, which assigns virtual appliances to hardware dynamically and automatically. By keeping software up to date, our approach prevents security break-ins due to fixed vulnerabilities. Thispaper presents the concept of virtual networks of virtual appliances and describes our prototype of the Collective Utility. We demonstrate the feasibility of our approach by creating appliances for groupware servers, Windows desktop environments, and software development environments.

1

Introduction

On July 24, 2002, Microsoft released a patch for buffer overruns in SQL Server 2000[11]. Sixmonths later, on January 25, 2003, the SQL slammer worm inundated network links with packets, slowing Internet connections and costing an estimated $1 billion. The worm exploited a vulnerability on unpatched servers[19]. Unpatched software affects more than just services; desktop systems are also in jeopardy when security patches go unapplied. On June 5, 2003, Stanford University disabled alloutgoing mail delivery due to the BugBear.B virus, which was leaking confidential documents[20]. The hole exploited by BugBear.B was fixed by Microsoft in a patch[10] issued more than two years before, but many users had not updated their desktops. These two incidents underscore the importance of keeping systems up to date with respect to security patches. But security patches are released frequently,and end users may not be aware of patches or have the know-how to update their systems. Patching today is done through a variety of ad-hoc mechanisms; applying a patch sometimes breaks a system. To improve security, we must make updates auto-

matic, reliable, and even mandatory. Software update is only one of the problems facing system administrators. Setting up and maintaining a computinginfrastructure requires much effort. While large organizations may have IT departments, smaller organizations, such as start-up companies and university research groups, may not have professional staff to create and manage infrastructure. With home users, the situation is even worse. They are often poorly versed in system administration and waste much time as a result.

1.1 Approach
We observe thatcomputers do not have to be difficult to install and maintain. The TiVo personal video recorder has much of the same hardware and software as a PC, yet it automatically downloads updates and installs them, without hassling the user. Computing appliances, like the TiVo, provide a more predictable environment for software updates since users do not install software. Instead, the software installedon the appliance is controlled by the appliance vendor, who can test all the software to ensure it works together before distributing it.

Inspired by the ease of administering of appliances, we have proposed organizing software systems as virtual appliances in previous work[17]. A virtual appliance (VAP) is like a physical appliance but without the hardware; as such, a VAP is like software...
tracking img