Educause Security Discussion mailing list archives
Re: Deepfreeze on vm's?
From: Christopher R Webber <christopher.webber () UCR EDU>
Date: Wed, 7 Dec 2011 20:21:25 +0000
I was under the impression that there was a way to essentially destroy the vm on log off so that every time you logged on you got a fresh vm. -- cwebber On Dec 7, 2011, at 12:15, "Brandon Payne" <payneb () SVCC EDU<mailto:payneb () SVCC EDU>> wrote: Yes, I understand its as easy as deleting the problematic VM and a few minutes later the replica master starts provisioning a new VM; Getting it back up and running in a matter of minutes. However, Student/Faculty users will likely be Local Administrators (allowing the use of installing student book resource cd's, old legacy software that requires admin to run, etc.), therefore the use of Deepfreeze has helped tremendously. The idea of having Deepfreeze on the VM and having the VM reboot on logoff gives a calming feeling. -- Brandon Payne Technical Support Specialist Information Services Sauk Valley Community College On Tue, Dec 6, 2011 at 5:14 PM, SCHALIP, MICHAEL <mschalip () cnm edu<mailto:mschalip () cnm edu>> wrote: Agreed.......or, couldn't you just reprovision a new image on the fly? -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of Mike Lococo Sent: Tuesday, December 06, 2011 4:08 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Deepfreeze on vm's? On 12/06/2011 06:00 PM, Brandon Payne wrote:
We are looking into VDI for all our computer labs. VMware View to be exact with WYSE P20 Zero Clients. Roughly about 300 or more vm's for all the labs. From a virtual standpoint - do you see the need for Faronics Deepfreeze on all computer lab vm's? Currently we are using Deepfreeze on our desktops in all labs and has worked out great. For this situation, I'm not interested in the security implications of why Deepfreeze is bad, just if its recommended in a virtual environment. What are you doing in situations if a user profile gets hosed up with malware in this vm enviroment?
Why wouldn't you use the native snapshotting facilities that VMWare provides? The main feature that deepfreeze delivers in the physical world is snapshotting and rollback, and that's a feature that VMWare delivers out of the box. Cheers, Mike Lococo -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Current thread:
- Deepfreeze on vm's? Brandon Payne (Dec 06)
- Re: Deepfreeze on vm's? Mike Lococo (Dec 06)
- Re: Deepfreeze on vm's? SCHALIP, MICHAEL (Dec 06)
- Re: Deepfreeze on vm's? Brandon Payne (Dec 07)
- Re: Deepfreeze on vm's? Christopher R Webber (Dec 07)
- Re: Deepfreeze on vm's? Brandon Payne (Dec 08)
- Re: Deepfreeze on vm's? SCHALIP, MICHAEL (Dec 06)
- Re: Deepfreeze on vm's? Mike Lococo (Dec 06)
- Re: Deepfreeze on vm's? Dennis Meharchand (Dec 06)
- Re: Deepfreeze on vm's? Walter Moore (Dec 07)
- Re: Deepfreeze on vm's? SCHALIP, MICHAEL (Dec 07)
- Re: Deepfreeze on vm's? Valerie Vogel (Dec 07)
- Re: Deepfreeze on vm's? Dennis Meharchand (Dec 07)
- Re: Deepfreeze on vm's? Mclaughlin, Kevin (mclaugkl) (Dec 07)
- Re: Deepfreeze on vm's? Dennis Meharchand (Dec 07)
- Re: Deepfreeze on vm's? Mclaughlin, Kevin (mclaugkl) (Dec 07)
- OT: Software patent FUD? Steve Bohrer (Dec 07)
- Re: Deepfreeze on vm's? Walter Moore (Dec 07)