The Virtualization Practice

Author Archive for Edward Haletky

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

Veeam, Vizioncore, and PhD Virtual all showed there latest released products as well as the future products that integrate with VMware vSphere at much deeper levels that previously available, ala the VMware vStorage API. Talk was also about expanding their products into Microsoft Hyper-V as well as Citrix XenServer. This space has become so important that even the traditional backup vendors such as Symantec (BackupExec) as well as HP (DataProtector) are getting into the act. This shows ecosystem as well as market maturity not seen at last years VMworld.

There have been several interesting posts in the blogosphere about virtualization security and how to measure it. Specifically, the discussions are really about the size of the hypervisor footprint or about the size of patches. But hypervisor footprints from a security perspective are neither of these. The concern when dealing with hypervisor security is about Risk not about the size of the hypervisor or the size of a patch it is purely about the Risks associated with the hypervisor in terms if confidentiality, availability, and integrity.

There is quite a bit of documentation on bare metal or Type 1 hypervisors, including my own book, VMware vSphereTM and Virtual Infrastructure Security: Securing the Virtual Environment, but there is not much material on the proper security of hosted environments, or Type 2 hypervisors, such as Microsoft Virtual Server, VMware Workstation, Fusion, Player, or Server as well as Qemu, Virtuozzo, or OpenVZ.

There have been a recent set of VMware Communities questions that have got me thinking about the prospect of virtualizing high performance computing (vHPC) and whether or not this is even practical, reasonable, and would give any gains to HPC. I think there are some gains to be made but with everything there are some concerns as well. This is of interest to me as at one time I was deep into High Performance Technical Computing and marrying Virtualization to HPC/HPTC would be a very interesting option.

The biggest question I ask myself when I see VMsafe appliances is: will it replace my current virtual firewall setup? Replace my Anti-virus? or Both? I am seeing a trend that gives me pause. That is a VMsafe appliance being more than one thing. For example, Trend Micro is an Anti-Virus company that bought Third Brigade (a firewall company) and are now in the mix of merging the two technologies into one. What has happened to one tool that does one thing and does that one thing very well?

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio