The Virtualization Practice

Author Archive for Edward Haletky

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

CloudComputing

Recently when I was in Las Vegas for HP Discover I realized that the Venetian/Palazo complex is really a cloud: Vegas as a Service. IT could learn alot from Las Vegas actually and I think that each hotel complex is a private cloud and that taken together the strip is one big cloud. Granted it is a cloud that has a single purpose, but has all the earmarks of a good cloud.

VirtualizationSecurity

I recently read the book Project Phoenix by Gene Kim, Kevin Behr, and George Spafford. If you are in development, IT, and Security it should be #1 on your reading list. In this book the authors discuss all the horrors we hear about in IT with a clear direction on how to fix them. There is politics, shadow IT, over zealous security professionals, over worked critical employees, lots of finger pointing. But there is a clear solution, at least as far as the story goes. We also know that DevOps works, most of the time.

VirtualizationSecurity

On the 5/30 Virtualization Security Podcast, Shaun Donaldson, Director of Alliances at Bitdefender Enterprise, joined us to discuss end user computing (EUC) security and how their new Gravity Zone product ties their enterprise products together under one scalable management umbrella. This was a very interesting conversation on the subject of EUC security, Bring Your Own Device (BYOD) security, and the all aspects of the the EUC stack. There are quite a few moving pieces in the EUC stack that is greater than your mobile device and the system it is accessing. There is a complete networking and political stack between the two and perhaps many systems you have to jump through to access your data.

CloudComputing

As you know we have a cloud presence; we have had one for several months. Now we are evaluating the cloud to determine whether to maintain that cloud presence or move back to our local data center. We also documented some early teething problems within this cloud presence. What should be our evaluation the cloud criteria? Now that our data center is moved and fully functional, should we keep our cloud presence?

VirtualizationSecurity

By far, the lowest hanging fruit of virtualization and cloud environment security is the segregation of your management control from your workloads. Separation of data and control planes have been recommended for everything from storage (EMC ViPR) up to the workloads running within virtual machines. The same holds true for cloud and virtual environment management tools, tasks, and functions. Up to now there have been very few choices in how such segregation could occur using properly placed firewalls or by using some form of proxy and the only proxy available was HyTrust. But this has changed. There are some other tools that will help with this segregation of data from control and do they give the level of auditing we require to solve the delegate user problem?

VirtualizationBackup

In a recent set of announcements the make virtualization backup and data protection companies have announced support for tape. Tape has always been supported indirectly by virtualization backup companies such as Veeam, Quantum, and PhD Virtual as well as directly by Symantec, HP, CommVault, etc. It is interesting to note that there is a convergence on tape support using two distinct methods. The first is to add support for tape libraries directly into their products: Veeam. The second is to add tape support by better integration with their existing product suite: Quantum. Even so, we know that tape still reigns for storing of large amounts of data. We just cannot seem to be rid of it nor do I think we ever will.

Agile Cloud Development

While at Interop I participated in a Tech Field Day event where Spirent was talking about their new Axon product as well as the possibility of usage of Blitz.io. It was an interesting discussion but gave me some food for thought. As we move to cloud scale apps based on platforms such as Pivotal (EMC World was just down the street), OpenShift, and others, we need a way to test those applications at scale. Spirent and Ixia provide these tools, but would they be used in this new model.

DataCenterVirtualization

At EMC World 2013, EMC announced ViPR as the answer to storage within the software defined data center. ViPR presents multiple types of storage while segmenting the control plane from the data plane. In addition, ViPR is a head end, fronting traditional storage arrays as an automation and control point and does not replace any array, but, possibly, makes it easier to use those arrays as we move to the software defined data center. Yet, ViPR also raises several questions about how storage will be accessed by the software defined data center, is ViPR the future or is there more to happen?

Agile Cloud Development

At EMCworld 2013, one of the big stories was Pivotal and it’s importance to the EMC2 family and the future of computing. Pivotal is geared to provide the next generation of computing. According to EMC2 have gone past the Client-Server style to a scale-out, scale-up, big data, fast data Internet of Things form of computing. The real question however, is how can we move traditional business critical applications to this new model, or should we? Is there migration path one can take?

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio