Virtual Machine Overview

Show Me!

A video tutorial is available on this topic. To access the video, click the following link:

Watch a related video (07:21)

Overview Information

TIP: For information on managing and tracking the vCenter Servers and the ESXi hosts that are used in your organization, see Introducing the Virtual Inventory Feature.

A virtual machine is not actually a physical machine but rather a software environment (usually an operating system) designed to emulate a physical machine. A virtual machine can run programs just like a physical machine. The physical machine used to host the virtual machine can often support multiple virtual machines.

Security Controls can scan for and deploy patches to the virtual machines on your network regardless of whether they are online or offline. It can also perform a software asset scan of your online and offline virtual machines.

Online Virtual Machines

A virtual machine that is online and running is treated by Security Controls the same as a physical machine. Patch scans and asset scans will be performed in the same manner as on a physical machine. Any patches that may be missing can also be deployed in the same manner to both your physical machines and your online virtual machines. This means that your online virtual machines are protected by the latest software patches just like your physical machines.

Offline Virtual Machines

Security Controls also enables you to scan and patch offline virtual machines. Offline virtual machines are those that aren't powered on when a patch scan or an asset management scan is performed. These virtual machines may be powered on for only a few hours or days a month and then powered off until they are needed again the next month. It's important to ensure that these systems are patched so that when they are brought online they don't place your network at risk.

Security Controls makes it easy to scan these offline virtual machines. When you initiate a scan of a machine group that contains offline virtual machines, Security Controls will perform a full assessment of the offline virtual machines and display the scan results alongside the results for running systems. Offline virtual machines will be differentiated in the scan results by a unique icon (). The scan results may even identify offline virtual machines that you don’t know about. When viewing machines in Machine View the Offline Scan column in the top pane will indicate if a virtual machine was offline at the time of the scan.

Patching offline virtual machines is similarly simple. You simply highlight the machines and patches you'd like to install and then select Deploy from the Security Controls menu. For offline virtual machines that are hosted on a server, the machines will be powered on, the patches installed, and the machines powered back down. For virtual machines that reside on workstations, the patches will be copied to the offline virtual machines and will be installed the moment that the virtual machine is started (or according to the scheduled patch deployment time).

Virtual Machine Templates

Virtual servers and virtual workstations are often created using a template. Templates enable you to quickly create new virtual machines that conform to your particular configuration requirements. A template that is offline poses no danger to your organization. A template that is brought online, however, is no different than an online virtual machine. It can perform tasks just like any other virtual machine, and it can also contain the same viruses, spyware, and other types of malware that target improperly patched machines. For this reason it is critical that your virtual machine templates receive the same patch management care as your physical and virtual machines.

Security Controls enables you to patch your virtual machine templates. You simply add your templates to a machine group and Security Controls will take care of the rest. For complete details on the virtual machine template scan and deployment process, see Notes About Virtual Machine Templates.