vm vs sandbox

In this article, we will talk about virtual machines and sandboxes.

Although these two technologies share some features, they are basically different.

What are the differences between virtual machines and sandboxes?

Creating a virtual machine means reproducing a complete environment, including the operating system, drivers, file managers, and applications, within a physical host machine.

In a sandbox, a protected environment is created on the host operating system, that shares a part of the file system around a single application, from the most sophisticated software performing complex operations to individual and standard one, such as web browsers or e-mail clients.

In both cases, you can do any tests without compromising the basic host system: in the event that the virtual machine or the sandbox is corrupted due to a failed test or a malware downloaded by mistake, it will be possible to restore the system or re-install it again.

In the case of the virtual machine, it is necessary to start from scratch installing again the operating system, the applications to be used and configuring the system settings again.
On the contrary, the sandbox can be restored immediately without any additional configurations, giving you a system that doesn’t include the latest changes made to the filesystem, but that works immediately.

This is perhaps the most notable difference combined with the fact that sandboxes do not require much in terms of additional RAM or disk space, and they are rather easy to implement and use.

How to create a sandbox?

There are some ways to create and handle sandboxes.

One of best known is Sandboxie, which has been recently released free of charge, waiting to become Open Source. Even Windows 10 offers its own sandbox system, based on Hyper-V technology, but it would be very useful to be able to manage all sandboxes and virtual machines within the same application.

With VMware Workstation Player, you can do the job and manage both VMs and sandboxes using the same software.

Using the Pro version, you can create sandboxes and perform snapshots, that consist in a “photograph” of the virtual machine at a given point in time.
Since it is possible to restore the previous state of the VM back to a precise moment, a snapshot can be seen as a sandbox, allowing the user to restore the virtual machine back to that moment anytime and/or in case of failure.

However, if you do not have the Pro version, you can manage a sandbox system using the OVA Virtual appliance (.ovf) systems.

On the net, it is possible to find some applications that can be implemented on the virtual machine (after registration on VMware site).

To show how easy is importing a virtual appliance and using it in VMWare Workstation Player, we’ll follow the following example, in which there is a specific application, Clearwaters, useful for implementing an IMS for a VOIP system.

As indicated, you need first to download the .ova file (which contains an Ubuntu 14.04 system and the application), and then you can import it into Workstation Player, selecting the “Open a virtual machine” item, from the File menu.

open a virtual machine

choose the .ova file you just downloaded

importing vm

and wait for the import to finish.

vm cw-aio

Once the import is finished, you will find yourself inside the ubuntu terminal, ready to use the dedicated commands regarding the application.

As also described previously, you can install the VirtualBox Guest Additions for more comfortable use of the VM.

To test the use of this VM as a sandbox, let’s try adding a simple test file to the home of this machine.

With your favourite editor, write a text file.

vi text.txt

And the content will simply be

vi text file

With the ls command, you can see the list of the files on the file system, and verify that our newly created file is present.

ls ubuntu

At this point, let’s imagine that for some reason, let’s say a malware, you must destroy this VM.

remove_vm

The process of restoring it and then starting again to work on the application is really a few minutes’ work.

You have just to repeat the steps described above for importing, and you’re done: the only difference is that the previously created file is no longer present inside the sandbox.

ls after remove

Just like writing on the sand, it disappeared as soon as we destroy it.

Conclusion

As already mentioned, with Workstation Player Pro, there are many interesting upgrades in this regard: not only snapshots and sandboxes but above all the possibility of exporting your virtual machines as .ovf or .ova files.
This feature allows you to build sandboxes for your liking.
Let us assume, for example, that you want to add a graphic interface to the VM used in the example, or you want to install a particular application that makes your tests easier.
You would not like to start over with the installations every time you destroy the vm.
With the Pro version, you can prepare you work environment precisely as you like and then you can export it in a useful format for a subsequent import.

In this way, you can build all the work environments you need.

We have often talked about virtualization in many of its aspects, and we have therefore understood that there are many ways to use them, from containers to virtual machines, to sandboxes.

There is nothing, however, that guarantees data security such as backup.

Iperius Backup is complete backup software, with features such as hot copying (without the need to stop the machine), or copying virtual machines running on a Windows host. But also cloud or NAS backup.

 

(Italian, French)



Virtual machines and sandboxes. How to use them within VMware Workstation Player
Iperius IT Team
*****************************************

PLEASE NOTE: if you need technical support or have any sales or technical question, don't use comments. Instead open a TICKET here: https://support.iperius.net

*****************************************

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*****************************************

PLEASE NOTE: if you need technical support or have any sales or technical question, don't use comments. Instead open a TICKET here: https://support.iperius.net

*****************************************