New
#1
XP Mode and security
Would you need to install any anti virus software for the new XPM as well as your main OS?
Would you need to install any anti virus software for the new XPM as well as your main OS?
Good question, Nick. I'm sure that some people will say Yes and others will say No. Personally, I would say No as it might lead to a conflict issue. This is NOT the same as having a multi-boot system where you can have separate AVs without conflicting (since the OSes are run separately). With this feature, XP Mode, is an application that runs under W7 and, therefore, uses the AV security present on the host (W7).
Have a look here Hyper-V, Virtualization | Server and Application Resources on TechNet
Specifically, look at Virtualization and Security: What Does It Mean for Me? Goto the subsection entitled Virtualization Security (the 3rd tab, approximately halfway through the presentation).
Note that you will need to have Silverlight installed, and you will have to use the 32-bit browser.
I'm going to have a look through the resources later. Incidentally, I notice your link button has reappeared AGAIN. What on earth is happening with it?
I think zero is mind controlling it.
If XP Mode works like traditional virtualized hardware (Win7 being the host and WinXP being the guest with it's own virtual hard drive) then you most definitely want AV software on it. It would basically be its own system at that point and more than likely susceptable to any virii that could be thrown at it. While the host OS might protect against things getting in via a firewall or patched security vulnerabilities, web browsing, file downloading, etc would still be susceptable on the guest OS.
I would second most of what betawind said. Of course I have not laid hands on that XP Mode software, but if it is like Virtual PC/VirtualBox/etc. then I would say yes, you should have antivirus software installed on the VM. However, it XP Mode is tightly wound to the host, like running the program in compatibility mode for XP when your host is Vista, for example, then no.
If you look at the screenshot on the below page, it appears to be just like a Virtual PC (MS Virtual PC, VirtualBox, VMWare, etc) so I'm guessing it will need AV/Spyware protection just like any other host/guest set up.
Virtual Windows XP Mode (XPM or VXP) for Windows 7 x86 and x64 VHD Package Installer Download » My Digital Life
Hi
I thought the Virtual PC is a GUEST OS. The HOST is the actual PHYSICAL machine running the virtual pc software.
In this case unlike a fully "virtualized or classical VM" the virtual PC isn't on a network as a "separate entity" so other machines on your network won't be able to comminicate with the VM running in "XP compatability mode".
A classical VM will appear on your network just like any other real machine does. So for those types of VM's the same rules apply as for your physical machine since a virus on the VM could be transmitted to other machines on your LAN real or Virtual.
With "XP mode" you've got a slightly different scenario as I've explained above. Whilst you can't network between the VM and the rest of your LAN you can infect disks on your real machine since the VM shows the LOCAL REAL HOST's disks as well as the virtual disks allowing you to cut and paste data between guest and host.
Because the Virtual machine can access the Internet and is able to install applications then you *might* consider installing av software on the virtual PC.
However since XP mode is only likely to be used for "Office" and trusted corporate / work place apps you won't really need to install AV software -- especially if you block separate Internet access from the Virtual PC.
The weak link in all this of course is in the use of USB drives. You can probably prevent a user attaching a USB drive to the virtual machine by disabling the facility on the host first.
Cheers
jimbo
Yes, that's true. He said a HOSTED OS, not a HOST OS. HOSTED = Guest :)
What you you mean by a virtualized VM? Are you talking about a VMWare ESX Server? Do you know that the XP mode won't appear on the network for sure? I have 3 Virtualbox VMs running my Win7 machine using host interface networking. They show up as seperate PCs on my network.
While this may be it's intended purpose, I could see it being used in place of Win7 for the average employee (in a business environment of course). Most end users hate new looks/feels to things and given the option between their well known and well loved XP and the new Win7 I would imagine they'd choose XP. My opinion though.
This all depends on how USB connectivity is disabled. Windows policy can prevent the USER from doing it, but I would have to imagine the hardware passthrough of Virtual XP uses the LocalSystem account, which would allow passthrough even if the current user was blocked.
If you're using a kernel level protection such as Sanctuary Device Control that's a completely different story as it can prevent the entire OS from having access.