The Virtualization Practice

Author Archive for Edward Haletky

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

When CloudFoundry was announced, my first thought was this is a nightmare waiting to happen. Why do I think this, because I was not thinking about Open Source developers but enterprise developers and the biggest issue with enterprise development is that the data used by developers is either made up data, but more often than not is actual production data. So the question becomes how can such data be protected when using PaaS public clouds?

VMware and Microsoft approach the Small to Medium companies quite differently, but which product to buy often depends on your business needs vs cost of the products. However, there needs to be at least one major distinction: SMB vs SME.

The Small to Medium Business (SMB) is quite a bit different than the growing number of Small to Medium Enterprises (SME), and VMware knows this does Microsoft or Citrix?

VMware’s latest effort, CloudFoundry, is not about VMware delving into the PaaS market even deeper. They have done that already with VMforce. CloudFoundry on the other hand is a fairly astute move to enable the development and rapid adoption of cloud based applications. The end goal is to sell what makes up a PaaS environment which is more enabling software. This would enable enterprises and businesses to move to the cloud. The problem with them moving now is that there are not that many applications that are cloud friendly. In effect more concentration on the application and less on the operating system which has always been VMware’s strategic direction.

Harris Trusted Cloud – Closing the Gap

On the 4/7/2011 Virtualization Security Podcast, we were joined by Wyatt Starnes of Harris Corporation. Wyatt is the Vice President of Advanced Concepts of Cyber Integrated Solutions at Harris. What this means, is that Wyatt is one of the key folks of the Harris Trusted Cloud initiative. Trust is a funny word, and we have written about that in the past. Harris’ approach is unique in that they are attempting to ensure integrity of all components of the cloud down to the code level, not just the network with their target being the hosted private cloud and NOT the secure multi-tenant public cloud.

There were two announcements over the last few days that struck me as quite important to the virtualization community. While some may question this statement, the long reaching effects of these purchases will impact virtualization and cloud computing in not so distant future. In fact, these purchases could add a whole new layer to vSphere as we know it today. Which for VMware is a good thing. They need to continue to innovate to stay ahead of the pack. The purchases I talk about are:

VMware purchasing/taking over control of EMC Mozy
RSA purchasing NetWitness

Managing licensing and utilization costs is a mess today in the physical world. Introducing elastic scaling of workloads into a hybrid private/public cloud introduces new uncertainties and new software licensing metering and compliance issues. This is particularly true in the case of enterprise applications which are licensed by the enterprise from the software vendor and then deployed on an as needed basis on Iaas or PaaS clouds.

With the diversity of cloud’s available today, data being sent from one to another could appear to be a hodge-podge of security. As one colleague put it recently when I asked what he was expecting to maintain integrity of data in motion between clouds:

“… what kind of kludge can things end up being when you have multiple connections to multiple hybrid clouds all doing different things” — Steve Beaver

So how does data transfer between the clouds? Is it a kludge? or can it be done using a uniform security policy, procedures, and protocols while maintaining Integrity and Confidentiality and auditability?

VMware released 3 versions of vCenter Operations, standard, advanced, Enterprise. We have already discussed the abilities of vCenter Operations vCenter Operations – vSphere Performance, Capacity and Configuration Management with Self Learning Analytics but is this an integrated and secure implementation of monitoring or do we need more security than what is provided?

At the time the first article was written there was a bit of vital information we did not have available to us. That is how to access vCenter Operations Standard or Advanced in a multi-tenant manner, that has now been provided. vCenter Operations Alive functionality can be accessed directly from a web browser using your VMware vCenter Credentials, which allows you to see the Alive status of any VM you have the permissions to view. This capability is a huge capability, as it now allows me to provide a non-vSphere Client mechanism to view the status of the virtual environment.

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio