Solved

What benefit is there to leaving virtualization settings in BIOS disabled?

Posted on 2014-09-13
4
508 Views
Last Modified: 2016-11-23
I often see on mid-range business desktop PCs (e.g. Dell and HP) that the CPU virtualization settings (e.g. Intel VT-x and AMD-V) are disabled by default. I usually enable it just for the sake of having it available in case I ever want to use it.

Is there a reason why it should be left disabled? Is there some kind of security or performance benefit to leaving it disabled on regular PCs that are not going to be doing any virtualization?

If so, does the same argument apply to servers which do not need virtualization?
0
Comment
Question by:Frosty555
  • 2
4 Comments
 
LVL 93

Accepted Solution

by:
John Hurst earned 167 total points
ID: 40321082
I do not know why it is disabled by default, but I cannot see any extra security advantage with it disabled than enabled. I have it enabled on my travelling laptop (in order to run VMware) and there is no security risk to having it enabled - none that I can see or witnessed.
0
 
LVL 119

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 167 total points
ID: 40321109
What benefit is there to leaving virtualization settings in BIOS disabled?

To answer this question, there is no benefit, if left disabled hardware virtualisation is disabled, and you will find you cannot run some Hypervisors, as they have a requirement for it to be enabled.

It's only recently on very modern desktops and servers, that I've started to see Intel-VT and AMD-V being enabled by default.

It always used to be disabled, causing many questions on EE!

Why does my PC, Desktop server not work with viurtualisation.

They was a theory, that users could install and use Virtual Machines to override the PCs OS, and run a new OS, inside the existing OS, but I'm not sure I've yet to see, any evidence of this, or even delivery of an OS running as a VM delivered on a LiveCD ROM.

e.g. VMware Player, Workstation or Virtualbox...

e.g. A portable Hypervisor....

BUT, at the University where I work, it's still DISABLED ON ALL 1500+ Workstations!
0
 
LVL 9

Assisted Solution

by:Carlos Ijalba
Carlos Ijalba earned 166 total points
ID: 40322651
Back in 2006, a concept rootkit based on x86 virtualization appeared, which I believe it was what made the manufacturers turn off the option by default just in case (it's a basic case of "security by OFF by default").

The culprit was called "Blue Pill" (nice reference to Matrix), and was coded by a Polish hacker girl called Joanna Rutkowska.

To have a read on the story (is quite interesting, actually):


For some more technical details about the rootkit inner workings see:

0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40346513
@Frosty555  - Thank you and I was happy to help.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question