virtual server Piergiorgio Venuti

Virtual server

A virtual server or virtual private server (VPS) is a fully-fledged server with its own operating system and well-defined hardware features only that unlike a classic server it shares physical resources with other virtual machines in this way more VPS can be run simultaneously on the same server (hypervisor).

This virtualization technique allows significant cost savings and an optimization of hardware resources as it is possible to run multiple operating systems on the same hardware.

 

Virtual server – Pros/Cons

Pros:

   ♦ Migration: It is possible to “move” (migrate) a VPS from one server (hypervisor) to another (even without interruption of service).

Example: You have created a VPS on a hypervisor in Italy and you want to move it to a server in America. With a VPS, as long as the Cloud Provider has another Datacenter in America, this can be done quickly.

   ♦ Scalability: It is the possibility of increasing or decreasing the hardware resources (CPU, RAM, Disk, etc) without rebuilding the VPS and in some cases without restarting it in full transparency to users who use the services provided.
Example: A VPS of 2 cores, 1 GB of RAM and 20 GB of disk has been created but after a few months we realize that the RAM memory is insufficient for the services provided and it is necessary to increase it. With a VPS it is very easy to solve this problem, just increase the RAM from the configuration panel and the new configuration will be applied (in the case of linux systems without the need to reboot).

   ♦ Autoscaling: It is the possibility to increase or decrease the resources (scaling) automatically according to well defined hardware policies. This technique is extremely valid in cases of load peaks.
Example: A VPS has been created with 2 cores, 1 GB of RAM and 20 GB but in some periods of the year due to the high user access these resources are not sufficient, then in this case it is possible to configure these policies:

a) If the CPU is at 90% for more than 1h then the CPU of a core increases every 30min for a maximum of 6 cores and then if the CPU is less than 10% for more than 1h decrease the CPU of a core every 30 min up to a minimum of 2 cores.

b) If the RAM is 99% for more than 1h then increase the RAM of 1Gb every 30min for a maximum of 32Gb and then if the RAM is less than 50% for more than 1h decrease the RAM of a core every 30 min until at a minimum of 1Gb.

   ♦ Low cost: by comparing the cost of a VPS to that of a fiscal server like hardware resources, the cost of a VPS is much lower, especially considering that some cost items are already included in the VPS fee. :
   a) Energy consumption;  

   b) Internet band;

   c) Cost of public IP addresses;

   d) Costs related to housing (cooling, surveillance, etc); 

   e) Firewall;

   f) Technical assistance.

Cons:

   ♦ Shared resources: Depending on the configurations and characteristics of the Cloud Provider, some hardware resources, such as the CPU, could be shared so performance may be lower than a physical server. This condition is not always true as it is possible to request a 100% allocation on all hardware resources to your Cloud Provider.

Virtual server – Limits:

  1. ♦ OS Virtualization: Not all operating systems and platforms can be virtualized (Eg AS400, Apple OS).
  2. ♦ Band: Although this is not an inherent problem of virtualization itself there could be latency differences in the Internet connection between a physical server in the company and a VPS if users are predominantly within the company and if the company has not an adequate Internet line.
    Example: A physical server in the customer’s DMZ is accessed by its LAN users via a 10Gb line, if the server is virtualized and becomes a VPS at a Cloud provider, access to it is transmitted via the client’s Internet line which may be more slow.

Virtual server – False myths

    1. ♦ A VPS does not have the same performance as a physical server: By allocating 100% of the physical resources and correctly dimensioning a VPS the latter has nothing to envy to a physical server from a performance point of view.
    2. ♦ A VPS is less secure than a physical server: A VPS can have the same degree of security as a physical server because it is possible to adopt the same security measures (Firewall, Antivirus, Hardening, VPN) applicable to a Fiscal server.

    Check out the Cloud Server

 

[btnsx id=”2931″]

Useful links:

VPS Metered – Cloud location

IaaS | Cloud | Infrastructure as a Service

Demo Cloud Servers

Server Cloud

VPS

Alternative to the NAS

New templates for VPS

Free Microsoft Windows licenses

Let’s Encrypt Free Certificates for all Webhosting users

CloudFlare free Plesk extension for Webhosting users

Share


RSS

More Articles…

Categories …

Tags

RSS darkreading

RSS Full Disclosure

  • SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH) February 21, 2024
    Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 20SEC Consult Vulnerability Lab Security Advisory < 20240220-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT (Frentix GmbH) vulnerable version:
  • Re: Buffer Overflow in graphviz via via a crafted config6a file February 21, 2024
    Posted by Matthew Fernandez on Feb 20The fix for this ended up landing in Graphviz 10.0.1, available at https://graphviz.org/download/. Details of this CVE (CVE-2023-46045) are now published, but the CPEs are incomplete. For those who track such things, the affected range is [2.36.0, 10.0.1).
  • CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool February 21, 2024
    Posted by Jeroen J.A.W. Hermans via Fulldisclosure on Feb 20CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents....
  • Microsoft Windows Defender / Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Windows_Defender_Backdoor_JS.Relvelshe.A_Detection_Mitigation_Bypass.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Detection Mitigation Bypass Backdoor:JS/Relvelshe.A [CVE Reference] N/A [Security Issue] Back in 2022 I released a...
  • Microsoft Windows Defender / VBScript Detection Bypass February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_VBSCRIPT_TROJAN_MITIGATION_BYPASS.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender VBScript Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
  • Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3 February 21, 2024
    Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART_3.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
  • 44CON 2024 September 18th - 20th CFP February 15, 2024
    Posted by Florent Daigniere via Fulldisclosure on Feb 1544CON is the UK&apos;s largest combined annual Security Conference and Training event. Taking place 18,19,20 of September at the Novotel London West near Hammersmith, London. We will have a fully dedicated conference facility, including catering, private bar, amazing coffee and a daily Gin O’Clock break.         _  […]
  • SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS February 14, 2024
    Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 13SEC Consult Vulnerability Lab Security Advisory < 20240212-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting vulnerabilities product: Statamic CMS vulnerable version: =3.4.17 CVE number: CVE-2024-24570 impact: high homepage: https://statamic.com/...
  • Stored XSS and RCE - adaptcmsv3.0.3 February 14, 2024
    Posted by Andrey Stoykov on Feb 13# Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 # Date: 02/2024 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Ubuntu 22.04 # Blog: http://msecureltd.blogspot.com *Description* - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed the […]
  • OXAS-ADV-2023-0007: OX App Suite Security Advisory February 14, 2024
    Posted by Martin Heiland via Fulldisclosure on Feb 13Dear subscribers, We&apos;re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack. This advisory has also been published at https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0007.html. […]

Customers

Newsletter

{subscription_form_1}