Virtual machines (VM) are emulated computers running under a hypervisor. Hypervisors are responsible for arbitration of hardware resources such as memory and processor to the VMs. The hypervisor either runs directly on the hardware (type 1), or runs on top of an operating system as software (type 2). The VMs run a combination of software operating systems such as Windows or Linux called guests, specialized applications or both.
Major differences is hypervisors typically involve how system hardware is emulated and the size of the hypervisor itself. Some hypervisors contain drivers to system hardware and contain the full virtualization stack. These hypervisors are referred to as Monolithic Hypervisors. By contrast, a hypervisor that pushes that functionality higher in the architectural stack and reduces the amount of privileged code is called a Microkernel Hypervisor. This architecture reduces the attack surface and disallows any third party privileged code in the hypervisor.
One step further in increasing the security of the hypervisor is the LynxSecure Separation Kernel Hypervisor. LynxSecure provides secure virtualization through protection of all hardware resources from unauthorized access, partitions those resources accordingly to guest operating systems and applications, and mediation the information flows. With LynxSecure, hardware resources can be arbitrated to guest operating systems such as Windows, Linux, or even real-time operating systems such as LynxOS while maintaining secure separation.
Learn more about LynxSecure Separation Kernel Hypervisor.