Framework for efficient security coverage of mobile software applications installed on mobile devices
US-9009823-B1 · Apr 14, 2015 · US
US11113086B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-11113086-B1 |
| Application number | US-201615199873-A |
| Country | US |
| Kind code | B1 |
| Filing date | Jun 30, 2016 |
| Priority date | Jun 30, 2015 |
| Publication date | Sep 7, 2021 |
| Grant date | Sep 7, 2021 |
Official abstract text for this publication.
According to one embodiment, a computing device comprises one or more hardware processors and a memory coupled to the one or more processors. The memory comprises software that supports a virtualization software architecture including a first virtual machine operating under control of a first operating system. Responsive to determining that the first operating system has been compromised, a second operating system, which is stored in the memory in an inactive (dormant) state, is now active and controlling the first virtual machine or a second virtual machine different from the first virtual machine that now provides external network connectivity.
Opening claim text (preview).
What is claimed is:
1. A computing device comprising: one or more hardware processors; and a memory coupled to the one or more hardware processors, the memory comprises one or more software components that, when executed by the one or more hardware processors, operate as (i) a visualization layer deployed in a host environment of a virtualization software architecture and (ii) a plurality of virtual machines deployed within a guest environment of the virtualization software architecture, the plurality of virtual machines comprises (a) a first virtual machine that is operating under control of a first operating system and including an agent collecting runtime state information of a network adapter and (b) a second virtual machine that is separate from the first virtual machine and is operating under control of a second operating system in response to determining that the first operating system has been compromised, the second virtual machine being configured to drive the network adapter, wherein after receipt of the state information by the virtualization layer, transmitting at least a portion of the state information to a threat protection component being deployed within the virtualization layer, analyzing, by the threat protection component, the state information to determine whether the first operating system is compromised by at least determining whether (i) an external network connection through the network adapter has been disabled or (ii) a kernel of the first operating system is attempting to disable the external network connection through the network adapter, and upon receipt of the results of the analyzing by the threat protection component that the first operating system is compromised, signaling, by the virtualization layer, to halt operations of the first virtual machine, installing, by the virtualization layer, a second operating system image retained within the memory of the computing device into the second virtual machine, reassigning, by the virtualization layer, the network adapter and adapter resources to the second operating system, the second virtual machine configured to drive the network adapter, and booting the second virtual machine subsequent to the reassignment of the network adapter and the adapter resources from the first operating system to the second operating system.
2. The computing device of claim 1, wherein the network adapter is configured to establish an external network connection to another computing device.
3. The computing device of claim 1, wherein the memory comprises software, including the one or more software components that, when executed by the one or more hardware processors, operates as the virtualization software architecture that comprises the guest environment including the first virtual machine and the host environment including the virtualization layer that analyzes data provided from the first virtual machine to determine whether the first operating system has been compromised.
4. The computing device of claim 3, wherein the virtualization layer in the host environment comprises (1) a guest monitor component that determines whether an event, received from a process running on the first virtual machine that is configured to monitor operability of the network adapter, is directed to disabling or disrupting functionality of the network adapter and (2) a threat protection component that determines that the first operating system is compromised if the event is classified as malicious.
5. The computing device of claim 4, wherein an event of the one or more events is classified as malicious upon determining that the event represents that an external network connection via the network adapter has been disabled.
6. The computing device of claim 4, wherein the event is classified as malicious upon determining that a kernel of the first operating system is attempting to disable the external network connection via the network adapter.
7. The computing device of claim 3, wherein the virtualization layer in the host environment comprises a threat protection component that determines that the first operating system is compromised when the one or more events is classified as malicious upon determining that the first operating system is non-functional.
8. The computing device of claim 3, wherein the virtualization layer in the host environment comprises a threat protection component that determines that the first operating system (OS) is compromised when the one or more events is classified as malicious upon determining that a guest OS application of the first operating system is inoperable.
9. The computing device of claim 1, wherein the second virtual machine is configured by removal of a first operating system (OS) kernel and one or more guest OS applications of the first operating system and installation of a second OS kernel and one or more guest OS applications of the second operating system.
10. The computing device of claim 1, wherein the first virtual machine transitioning from an active state to an inactive state when the first operating system is determined to be compromised.
11. The computing device of claim 1, wherein the first operating system is a different type of operating system than the second operating system.
12. The computing device of claim 1, wherein the network adapter corresponds to a software-emulated data transfer device.
13. A non-transitory storage medium that includes software that is executable by one or more processors and, upon execution, operates a virtualization software architecture, the non-transitory storage medium comprising: one or more software components that, when executed by the one or more processors, operate as a network adapter; one or more software components that, when executed by the one or more processors, operate as a virtualization layer; one or more software components that, when executed by the one or more processors, operate as a first virtual machine being part of the virtualization software architecture, the first virtual machine operating under control of a first operating system and including an agent collecting runtime state information of a network adapter; and one or more software components that, when executed by the one or more processors, operate as a second virtual machine being part of the virtualization software architecture, the second virtual machine operating under control of a second operating system in response to determining that the first operating system has been compromised in which functionality of the first operating system is determined to have been altered or network connectivity by the first virtual machine has been disabled, wherein after receipt of the state information by the virtualization layer, transmitting at least a portion of the state information to a threat protection component being deployed within the virtualization layer, analyzing, by the threat protection component, the state information to determine whether the first operating system is compromised by at least determining whether (i) an external network connection through the network adapter has been disabled or (ii) a kernel of the first operating system is attempting to disable the external network connection through the network adapter, and upon receipt of the results of the analyzing by the threat protection component that the first operating system is compromised, signaling, by the virtualization layer, to halt operations of the first virtual machine, installing, by the virtualization layer, a second operating system image retained within the memory of the computing device into the second virtual machine, reassigning, by the virtualization layer
Using snapshots, i.e. a logical point-in-time copy of the data · CPC title
where the computing system is a virtual computing platform, e.g. logically partitioned systems (virtual machines G06F9/45533; logical partitioning of resources G06F9/5077) · CPC title
Network integration; Enabling network access in virtual machine instances · CPC title
Monitoring or debugging support · CPC title
Isolation or security of virtual machine instances · CPC title