Virtual machine (VM): What is it, and how does it work?

A virtual machine (VM) is software that replicates the functionality of a physical computer, including its hardware, operating system, and applications.

While using a virtual machine, you can access all the features you might expect from a computer. It has an operating system, runs applications, and connects to the internet.

Data within a virtual machine can be stored on the host computer’s hard drive or partially in the cloud. The virtual machine uses storage space on the physical device, but its storage space is separate from the rest of the host computer’s data. So in case of a malware infection, the threat on one virtual machine is isolated from other virtual machines and the host operating system.

Virtual machines work similarly to any program you run on your computer.

Once you choose the virtual machine software and install it on your device, you need to do the initial setup. It includes selecting storage, allocating memory, and installing the operating system. After the setup, you can access the simulated computer through a regular application window, just like any other software on your device.

Instead of interacting directly with the physical machine, the virtual machine works with software or firmware components called a hypervisor. The hypervisor is the mediator between the virtual machine and the host device, coordinating the use of storage space and processing power. It adds additional security and ensures that threats on one simulation cannot spill over to others.

Virtual machines have many uses, from running software to handling cybersecurity threats.

• Running multiple operating systems. The most common virtual machine use is to have several functional operating systems on a single device. For example, you can have a Linux computer and install Windows and macOS on the virtual machine to run software incompatible with Linux. Operating systems don’t have to be different – you could have different versions of Windows on your Windows machine to run legacy software or games.
• Developing and testing software. Developers can create isolated virtual machines to build, test, and debug applications without impacting the main infrastructure. A virtual machine can take system snapshots anytime, enabling easy rollback and version control for testing scenarios.
• Cloud computing. Many cloud service providers offer virtual machines as a part of their infrastructure-as-a-service offerings. Businesses can manage VMs in the cloud, allowing them to scale their infrastructure without the upfront investment in physical hardware.
• Sandboxing cybersecurity threats. Security experts can use virtual machines to examine websites or files potentially infected with malware. Opening malicious files within a virtual environment prevents the infection from spreading to other virtual machines on the same physical device. Moreover, it’s easy to roll the machine back to the state before the infection. Being able to take risks in a controlled, virtual environment is crucial for cybersecurity research.
• Catching cybercriminals. Security researchers can use virtual machines to create honeypots – virtual spaces that exist to lure hackers into a trap.
• Browsing safely. Anyone can use virtual machines to enhance their security. If you get a lot of spam emails or visit sites that don’t always turn out to be safe, you can use a virtual machine for safer browsing. When you click a suspicious link or encounter drive-by malware, the threat will be isolated within the virtual machine.

Virtual machines offer several advantages for individuals and organizations of all sizes.

• 

  Versatility. Virtual machines are applicable in a wide range of scenarios. You can use any software you wish, even if the host computer isn’t running the necessary operating system.
• 

  Cost reduction. Virtual machines allow you to access multiple unique computers from one device, conserving physical space and money. They minimize the need for additional physical hardware, power consumption, and cooling.
• 

  Security. The segregation of systems within one device allows for greater levels of security. Even if one virtual machine is hacked or infected with malware, the other virtual computers can still operate relatively safely.
• 

  Scalability and flexibility. You can create and remove virtual machines quickly without significant hardware changes. It allows organizations to adapt their infrastructure to changing demands and workload requirements.

Virtual machines come with some negatives too. Here are some of the disadvantages associated with this technology.

• 

  Limited processing power. VMs rely on the underlying hardware of the host computer, so they can never compete with a physical computer for speed and efficiency.
• 

  Stability issues. Virtual machines have no memory, storage, or processing power of their own. The more virtual environments you install on one computer, the more you divide the resources of that computer.
• 

  Limited speed. Any process carried out on a simulated machine will be slower than an equivalent process on a physical computer.
• 

  Host hardware dependency. Multiple virtual machines could be compromised or lost if the host hardware encounters problems. Remember, all virtual machines on a device rely on the same physical hardware, so if the host machine is hacked or damaged, all the virtual machines could be at risk.

Virtual machines can be classified into different types based on various criteria.

VM types based on their scope

The most common classification considers the scope of a virtual machine and separates VMs into a system and process machines.

• A system machine replicates an entire physical computer. It’s the kind of virtual machine we’ve focused on throughout this article.
• A process machine is a virtual platform designed to run a single process. Rather than simulating an entire computer, process machines emulate just one environment within the host computer and facilitate a specific program or platform. Process machines are sometimes called containers or micro-virtual machines.

VM types based on their level of virtualization

Another common way to classify virtual machines is based on their level of virtualization.

Virtualization is a wide-ranging term for partitioning or combining physical computing resources to create an artificial digital experience for the user. While dividing the resources of a computer to create multiple virtual machines is one form of virtualization, so is combining numerous physical devices to create a single virtual environment.

Here are five kinds of virtualization commonly used today.

1. Hardware virtualization. Hardware virtualization is a computer simulation within a program run on a host computer. The hardware in question can be something other than a computer, of course. For example, hardware virtualization could simulate a gaming device – this is the concept behind console emulators.
2. Application or software virtualization. Usually, when you want to run an application, you need to install it on your device, but that’s not the case if the application has been virtualized. In such a system, the application is stored on a physical server elsewhere on your network. When you want to “open” the application, the server sends you a virtualization of the program, which you can access through your device.
3. Storage virtualization. Storage virtualization focuses on combining multiple physical storage machines into one digital space. For example, a company might combine databases stored across several servers to create a single virtual storage pool. You would feel like you were accessing a single storage space while numerous physical machines contain the data.
4. Network virtualization. Network virtualization can allow the physical infrastructure underpinning a single network to support multiple virtual networks, creating networks within a network. Alternatively, it can combine separate networks into one large virtual network.
5. Server virtualization. The server virtualization process involves dividing a physical server into multiple digital servers. It uses the resources of a single physical machine, but those resources appear to users like multiple servers in cyberspace.

VM types based on their tenancy model

Virtual machines that simulate entire computers come in multi-tenant and single-tenant forms.

• A multi-tenant virtual machine allows multiple users (or tenants) to be active on the same physical device. For example, three employees within a company all use different virtual machines, each running off the hardware of a single computer.
• A single-tenant virtual machine, or a dedicated virtual machine, allows a single user to access the physical computer’s resources. That single user can operate multiple virtual machines on the computer. This approach offers a greater level of security but is less resource-efficient.

A couple of related virtualization technologies can come up when discussing virtual machines. So it’s helpful to understand what they mean and how they differ from virtual machines.

Virtual machines vs. containers

Containers are essentially virtual process machines. They are lightweight programs that run a single process or application instead of simulating an entire device with its operating system.

Containers hold just enough code to facilitate a specific functionality. For example, if you want to run a program native to a particular Linux distribution on your Windows system, you could deploy a container to use that specific program.

In a nutshell: Container is a type of virtual machine that simulates a process or software instead of entire hardware.

If you want to know more about the differences between containerization and virtual machines, read our blog post on Dockers vs. virtual machines.

Virtual machines vs. emulators

Emulators simulate the behavior of specific hardware or architecture. They enable software designed for one system to run on another. Unlike virtual machines, emulators replicate the behavior of one particular device or platform rather than providing a complete system environment.

When using a virtual machine, you have the flexibility to install and run multiple operating systems on a single device. A virtual machine allows you to create separate virtual environments for each operating system, enabling you to switch between them as needed. On the other hand, if you use an emulator instead, you would typically select an emulator specific to the operating system or hardware you want to replicate.

In a nutshell: An emulator is an alternative to a virtual machine, providing virtualization of a specific device or platform but lacking the flexibility and scalability of VMs.

Virtual machine software is available for both enterprise and individual users. Most common examples include VMWare and Oracle’s VirtualBox. VMWare and VirtualBox run on macOS, Windows, and Linux. They’re free for personal use.

If you want to choose a virtual machine provider, knowing what features to look out for is imperative.

• Software integration. When you deploy one or more virtual machines, it’s crucial to integrate new systems with your current software infrastructure smoothly. Look for providers that maintain close partnerships with major software vendors, especially if you already rely on the products and tools those vendors sell.
• Technical support. Being able to contact your virtual system provider for technical support is essential for initial setup and long-term maintenance. No matter how good the virtual machine software is, bugs and other issues can arise sooner or later. Providers that offer ongoing customer support should always be your first choice.
• Security. One of the most critical areas to focus on when selecting a virtual machine provider is security. Does the virtual machine software come with built-in security measures? Is virtualized data encrypted?
• Robust, up-to-date infrastructure. Virtualization is only as effective as the hardware that facilitates it. If your virtual machine provider is also responsible for the physical machine hosting it, you should ensure that the hardware is adequate for your needs. Are the computers, servers, and other physical infrastructure up to date? Are they powerful enough to meet user requirements? Will they scale smoothly over time?
• Long-term scalability. Even if the initial deployment is limited, you should always look ahead and consider potential scaling issues. If a provider cannot guarantee reliable performance, integration, and customer support for large-scale deployments, they might not be your best option – futureproofing is important, after all.