The Virtualization Practice

Author Archive for Edward Haletky

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

DataCenterVirtualization

Many network virtualization products appear to be aimed at the top 10,000 customers worldwide, accounting for their price as well as their published product direction. While this is a limited and myopic view, many claim it is for the best, their reason being that network virtualization is only really needed by the very large networks. The more I think about this approach, the more I believe it is incorrect. Let us be frank here. Most networking today, within many different organizational sizes, is a hodgepodge of technologies designed to solve the same problem(s) over and over: how to get data quickly from point A to point B with minimum disruption to service.

Hytrust100x30

We have written before about HyTrust and its growing ecosystem of partners, but now HyTrust has acquired HighCloud Security, a provider of encryption and key management for the virtual and IaaS environments. HyTrust provides control and visibility into actions by virtualization administrators within a VMware vSphere or vCloud environment. With the acquisition of HighCloud Security, HyTrust now adds data privacy to its suite of tools. Initially, HighCloud Security’s encryption and key management will be separate products, but there are many ways in which the technologies can be combined. The purchase changes HyTrust’s unique stance in the industry.

VirtualizationBackup

Data protection of the future: What will it look like? Will we have huge amounts of storage in just one place, or will we have myriad data everywhere? The more copies the better, for example? Or are we moving toward a combination of the two? Can what we are doing today actually be used for data protection in the future? Think about how hybrid clouds are used today: do they grant us new forms of data protection?

In the past we have discussed the various aspects of the secure hybrid cloud, ranging from the data center through a transition stage and finally to and from the cloud. Unfortunately, picking just one security solution, or even one family of solutions, does not work, so we need to start thinking outside the box and pick the best based on our needs, which cover compliance as well as security. So how do we pick a security solution based on our needs?

When we look at the Secure Hybrid Cloud, we notice a few things immediately, such as the need to look at how the data is moving, where the users are going, and the fact that they may never touch the data center component of the cloud at all. Our worldview has to change to be more user-, app-, and data-centric. Hybrid cloud security fails if we continue to consider our data center protections enough, as the bastions have moved and we may not know how that happened.

Virtual Networking Is Not Network Virtualization

While SPB is a very interesting protocol, my questions were about how deep into the virtual environment the protocol extends. While SPB and other networking protocols are considered by some to be network virtualization, I could not see this within the realm of the virtual network and hence, confusion reigned supreme. Depending on who is talking to each other, the same words can mean many different things. What I found amazing, still, is that most people thinks networking ends at the physical NIC within the virtualization host, and that what is inside, does not matter as much as what is outside.

Hytrust100x30

HyTrust released their version 3.5 of their virtualization security proxy and compliance tool. This tool is core to a growing ecosystem of partners and systems. HyTrust has also expanded its role within the Secure Hybrid Cloud by covering more of what is traditionally part of the data center. HyTrust is a proxy that sits between an administrator and sensitive systems by providing advanced role based access controls but also advanced logging. With HyTrust fronting your VMware vSphere environment, HP ILO, Cisco UCS UIM, Nexus Switches, administrators gain a fine grain level of control over actions, improved logging in these environments, and the ability to vault critical passwords.

VirtualizationSecurity

I came away from HP Protect 2013 wondering if current security sold by the traditional security players will actually scale to the hybrid cloud? Are these security tools still system-centric or are they moving to data-, user-, and app-centric? I feel that this move has started but has far to go. I do not think many of the current batch of traditional security services implemented in data centers today can scale properly.

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio