The Future is Now
Well, maybe not quite; but here are some discussions about things that are going on now.
The thin embedded hypervisor in your future:
In order for a future like this to happen — with an embedded, thin hypervisor and a full mix-and-match set of virtual appliances cooperating on your desktops and servers — the hypervisor must be independent of the underlying operating system.
Where is all this virtualization going?
The trusted desktop is now behind a line of security that will protect it from the outside and from other VMs. Then you have a default non-trusted application VM. Maybe this VM runs applications like an Internet browser, media player, etc. This VM (or more likely its applications) is invoked whenever the user makes a call outside its trusted area or uses an application specifically configured for high security. This application is then presented to the trusted desktop (kind of like an ICA seamless window) but
is actually running in another VM. The non-trusted application VM might not even have an entire OS like we know it. Instead this VM may be another VM Appliance that has a small OS that loads just enough to support that browser app and a few multi-media type apps and presents the screen (like ICA or RDP) into a window in the Trusted VM.
The notion of a rentable VPU leads itself to considerations of a Trusted Computing Platform. It seems likely to me that a future appliance firewall will mediate both the ingress and egress of data not just from the network but to the processor.