Performance and Student Perception Evaluation of Cloud-based Virtualised Computing Labs
School of Computing
Prof William J. Buchanan, Dr Jamie Graves, Niladri Bose, Richard MacFarlane, Robert Ludwiniak, Brian Davidson, and Bill Buchanan (Dell Computers)
This work focuses on the integration of virtualised environments within the teaching of computer security and digital forensics, and includes three case studies. The first case study involves assessing student perception on the usage of VMware Workstation and AWS (Amazon Web Services) for security and digital forensics labs, while the other two present a performance evaluation of a Cloud-based infrastructure using VMware ESXi. The evaluation for the first case study shows the results of a questionnaire for the integration of VMware Workstation and AWS and highlights that the virtualised environment seems to engage students more than traditional desktop ones, along with identifying the key areas which seem to be useful, such as for network forensics and in running instances within a sand-boxed environment. The other two case studies show an evaluation of the performance impact of security and digital forensics students using a Cloud-based infrastructure for their labs, and that the developed infrastructure copes well with both scheduled lab-based classes, remote access, and a virtualised environment for courseworks.
The key finding of Case Study 1 is that students seem to be more engaged with the usage of virtualised environments as it allows them to work on real-life systems, while working within a sandbox. The advantages of AWS are less clear, and the main strength was seen to be gain knowledge in using a public cloud infrastructure. Case Study 2 has shown that both Static and Live Forensics can be run successfully with a virtualised environment, including the mounting of disk images, and in analysing running machines. This provides students with, again, real-life environments on a range of operating systems (such as Windows and Linux). There were problems identified, and generally Linux instances ran much better than Windows ones, which highlights that Windows instances must be carefully managed when there are many students running them at the same time. A strong recommendation is that large classes should possibly be told to stagger their boot of Windows instances, so that the system does not get overwhelmed with the initial boot up. The key finding of Case Study 3 is that the infrastructure coped well with scheduled labs, showing fairly low CPU utilization measures, and also managed to cope with a fairly processor-intensive coursework. There was thus little need for the processing of the second and third server in the cluster. This is useful as the other servers can be used in a case of system failure on the main server. The daily loading of the cluster though was mainly due to the coursework, and there was an increased loading in it within the last two weeks of the coursework submission. Overall the key advantage of using the cluster within the coursework is that a real-life server can be placed within it, and students can assess it from their own instances, at any time. This allows them to use a tool which would not normally be allowed on public facing infrastructures.
Most computing modules often require some form of lab-based practical work. Unfortunately, these labs can be fairly limited in their scope, as they must be run on a standard academic desktop. Along with this, it is often difficult for students to complete their lab-based work remotely or provide an equivalent infrastructure within franchised programmes. Thus the usage of virtualised labs has a great potential as students can get the same lab infrastructure as local students would get in the lab and also operate within a sand-boxed environment, where they can take full control of their environment. In terms of security and digital forensics teaching there are many additional advantages to virtualisation, including allowing students to learn on systems which are near to real-life and which are within a ring-fenced and sand-boxed environment. This allows for a wider range of security tools to be used which would not normally be allowed on computers within a traditional lab-based environment. In terms of digital forensics, students can train on systems which are complete and analyse them for both static and live forensics. Virtual images can then be set up with a number of scenarios, and students can mount drives for static analysis, or analyse running systems for live forensics. Other associated benefits for tutors include the enhanced support for remote/distance learning and the easy setup/modification of labs. There are, though, still many key questions that remain on the usage of virtualised environments within security and digital forensics, including: • Whether students actually prefer the virtualized environments to a normal desktop installation? • Whether typical cluster infrastructures can cope in terms of performance for normal student usage (including peaks in load caused by coursework assessments)? • Whether public cloud infrastructures are better than private ones? • What the typical usage of the virtualized infrastructure will be? At present these questions are not fully answered by the work, and research will continue over Semester 2, 2011, to completely evaluate the impact of using a private cloud for teaching.
The work has been submitted to an educational conference. Student feedback on the modules covered has been exceptional over the past few years, with every student rating the modules as either Very Good or Good, with the vast majority rating them as Very Good (which is the highest rating).
Performance and Student Perception Evaluation of Cloud-based Virtualised Computing Labs by Prof William Buchanan is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
The details of the developed private cloud are at: http://napiercloud.pbworks.com and the private cloud is at: http://lm2003.napier.ac.uk
01 January 2010