Consider a computer running one or more virtual machines, using virtualization software such as VMware. The base computer runs an operating system (the baseOS), and the virtualization software (e.g., VMware) runs as an application on the baseOS. An operating system runs in the virtualization environment (a guestOS) in order to form a virtual machine. The applications running in the virtual environment on the guestOS have their data organized in the form of files in the file system of the guestOS. There is typically a single file in the baseOS file system that houses all the data for the applications running in the guestOS, and the guestOS itself. Any baseOS user or application looking at the file data on the baseOS will not be able to make any sense of virtual machine data, as the guestOS file system does not necessarily write file data sequentially within the baseOS file representing a virtual machine. Instead, the data extents of the files in a guestOS are present in a seemingly random sequence in the single file on the baseOS. Therefore, an application on the baseOS cannot reorganize the file data and reconstruct the files in the guestOS environment without the help of the file system on the guestOS.
In such an environment, if anti-virus software scans the baseOS system for viruses, it does not get reliable information concerning viruses that may be in any virtual machine files on the system. Thus, even if each baseOS file representing a virtual machine is scanned and no virus signatures are found, there could still be undetected virus signatures present that are broken up and stored non-contiguously such that the baseOS file system does not recognize the different blocks as comprising contiguous data. Thus, in order to safely conclude that no viruses are present on the base machine, each virtual machine would also need to be scanned.
Individually scanning the file system of each virtual machine results in lot of work duplication and performance overhead. Each baseOS file representing a virtual machine must be scanned multiple times, once at a baseOS level, and again at a virtual machine level. The act of separately scanning the virtual machine file systems populates those file systems and the baseOS file system with scanning data. Additionally, the anti-virus scanning tool would need to be installed on each of the guestOS operating systems of the virtual machines.
What is needed are methods, computer readable media and computer systems for performing a single scan on a base machine such that all associated virtual machines can also be reliably scanned.