The Virtualization Practice

Author Archive for Edward Haletky

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

VMware has updated the vRAM pricing for vSphere 5 to address certain customer issues, and deserves a great deal of credit for acting this quickly and decisively to the feedback that was generated by the initial announcement. However, even with the new vSphere 5 vRAM pricing the question is now raised as to whether competing and less expensive virtualization platforms are acceptable for some entire companies, and some use cases within what used to be 100% VMware shops. VMware has created an opening for Microsoft, Citrix, and Red Hat. As this sorts itself out, the virtualization platform landscape will change – resulting in a minimum in a new focus on tools to manage multiple virtualization platforms.

At the NE VMUG, while walking the floor I saw a new virtualization backup player, perhaps the first generic Replication Receiver Cloud: TwinStrata. And information gained while not at the NE VMUG. There is also a new virtualization backup player just for Hyper-V: Altaro. As well as a new release of Quest vRangerPro. The Virtualization Backup market is a very dynamic market with new ideas, technologies, and concepts being put into the market at every turn. In many ways, the market leaders are not the bigger companies but the smaller and fast growing companies. In the past, it was about features associated with pure backup, but now it is about features and fast disaster recovery and recovery testing.

I was reading through a recent article about the new Java 7 release, which contradicts Oracle’s current support statement with respect to licensing. The License from Oracle exclusively states Java 7 is only supported on those hypervisors Oracle currently supports: Oracle VM, VirtualBox, Solaris Containers, and Solaris LDOMs except where noted. That last phrase is rather tricky, so where do we find such notes. Is the noted the support document stating that they support Oracle products within a VMware VM? Or is it somewhere else in the license? This leaves out all major hypervisors: Citrix, VMware, and Microsoft. If you cannot find a note saying things are supported, somewhere.

This implies quite a bit for the future of Java support within most PaaS environments being built today. In essence, they cannot upgrade to Java 7. Which means they may fall behind. This would impact OpenShift, Amazon, Google, CloudFoundry, SalesForce, and others.

The 7/7 Virtualization Security Podcast with Steve Kaplan, Vice President of INX’s Data Center Virtualization Practice and well known ROI/TCO expert within the virtualization and cloud space, joined us to talk about the ROI and TCO of virtualization and cloud security. We discussed someways to view virtualization and cloud security, but mostly the fact that many people may not think ROI or TCO even applies until a problem occurs and you need to rush in and find and fix the leak that lead to a break-in. In essence, the ROI of proper security tools is your entire business.

Licensing:  Pools and Architecture Changes?

In the past, virtualization architects and administrators were told the best way forward is to buy as much fast memory as they could afford as well as standardize on one set of boxes with as many CPUs as they dare use. With vRAM Pool licensing this type of open-ended RAM architecture will change as now I have to consider vRAM pools when I architect new cloud and virtual environments. So let’s look at this from existing virtual environments and then onto new virtual and cloud environments. How much a change will this be to how I architect things today, and how much of a change is there to my existing virtual environments? Is it a better decision to stay at vSphere 4? Or to switch hypervisors entirely?

The 6/30 Virtualization Security Podcast with Simon Crosby Founder and CEO of Bromium started with a discussion of SaaS security but soon went to a discussion of Data Security. Simon left Citrix not to long ago to form a new company, Bromium, to seriously look into how the hypervisor itself can provide better security for data manipulations than it does today. But first we started off with SaaS and how you can Identify the user within a cloud.

Security in the cloud and the virtual environment is ‘all about the data’ and not specifically about any other subsystem. It is about the data. As such the data has something it knows (the contents of the data), something it is (its signature), and something it has (its digital rights) and since it has these three elements, the data has all it has identity. However, protecting the data requires us to put things between the data and the real world such as firewalls, and complex role based access controls, as well as methods to replicate the data to other locations in a non-intrusive mechanism. The goal to such replication could be to ensure multiple sites have the same data (such as a hot-site) or to have the data available in another locations in case of disaster.

Virtualized Replication: vSphere APIs Expand

As a delegate for Tech Field Day 6 in Boston, I was introduced to SRM Replication as well as ZeRTO a third party replication tool. They seem to be as different as night and day but are they? Both work within the vSphere environment to replicate virtual disks regardless of storage type, and apparently hook into the same location within VMware’s API stack. This shows a maturity of VMware’s API stack that until now has been unknown and secret. In this one area, Microsoft Hyper-V is beating VMware vSphere: The availability of well known APIs that are easy for Third Parties to use. I now see a change in VMware’s behavior, can they continue this growth?

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio