Page 1146 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1146

internal work areas. Cipher locks, mantraps, security badges, and
               guards are all common methods used to control access.



               Managing Virtual Assets

               Organizations are consistently implementing more and more
               virtualization technologies due to the huge cost savings available. For
               example, an organization can reduce 100 physical servers to just 10
               physical servers, with each physical server hosting 10 virtual servers.

               This reduces heating, ventilation, and air conditioning (HVAC) costs,
               power costs, and overall operating costs.

               Virtualization extends beyond just servers. Software-defined
               everything (SDx) refers to a trend of replacing hardware with software
               using virtualization. Some of the virtual assets within SDx include the
               following:

               Virtual Machines (VMs) VMs run as guest operating systems on
               physical servers. The physical servers include extra processing power,

               memory, and disk storage to handle the VM requirements.

               Virtual Desktop Infrastructure (VDI) A virtual desktop
               infrastructure (VDI), sometimes called a virtual desktop environment
               (VDE), hosts a user’s desktop as a VM on a server. Users can connect
               to the server to access their desktop from almost any system, including
               from mobile devices. Persistent virtual desktops retain a custom
               desktop for the user. Nonpersistent virtual desktops are identical for

               all users. If a user makes changes, the desktop reverts to a known state
               after the user logs off.

               Software-Defined Networks (SDNs) SDNs decouple the control
               plane from the data plane (or forwarding plane). The control plane
               uses protocols to decide where to send traffic, and the data plane
               includes rules that decide whether traffic will be forwarded. Instead of

               traditional networking equipment such as routers and switches, an
               SDN controller handles traffic routing using simpler network devices
               that accept instructions from the controller. This eliminates some of
               the complexity related to traditional networking protocols.

               Virtual Storage Area Networks (VSANs) A SAN is a dedicated
   1141   1142   1143   1144   1145   1146   1147   1148   1149   1150   1151