The Virtualization Practice

2011 saw a shift in how virtualization security was viewed and it showed in the way companies teamed up to address those needs. Even so, the most basic of issues still exist: The thought that once you virtualize you are more secure, and the lack of general protection for the management constructs of a virtual or hybrid environment. These two concepts have hindered adoption of virtualization security in 2011. Even so, there has been a steady shift through out the year as more and more companies talk about virtualization security. VMware has definitely lead the pack with its vShield Product line and its unified view of virtualization security. Other hypervisor vendors are also discussing virtualization security through their ecosystem if not directly. 2011 saw many companies forging their own partnerships to augment and compete in this space. Will these partnerships continue into 2012? Will virtualization security continue to be a hot area?

The countdown clock for the end of life of windows XP (the most successful operating system of all time) is running; enterprise IT is having to adjust to multiple disruptive trends that will stress it as never before, mobility, security, smart phones, tablets, BYOD, the cloud, even Apple has found a foothold in the enterprise. Budgets are tight, unemployment is high, mistakes cannot be afforded. This is the 2011 Year in Review for Desktop Virtualization.

Our very own Texiwill hosts a weekly Virtualization Security Round Table podcast. This round table provides an open forum to discuss all things related to Virtualization, Virtual Environment and cloud computing security. We’ve questioned before the benefits of a virtual desktop infrastructure with respect to security. Is VDI secure? Is VDI inherently more secure than “traditional desktops”? The article Virtual Desktop Security? Are They Secure? considered the VDI vendor claims that there are several big virtual desktop security

On 10/6 was held the Virtualization Security Podcast featuring Davi Ottenheimer in his role as a QSA. Davi holds down many roles working with companies such as VMware, yet he maintains his QSA credentials and applies his knowledge of PCI Compliance. In this podcast we ask the question, is a virtual environment always mixed-mode and what to do if your QSA does not have the knowledge required to do the job?

I cannot believe the month of December is almost upon us. Every year around this time I like to reflect upon the year and give my review and remarks. This is a special year for me because it was around this time a decade ago that I was introduced to a cool new technology called virtualization from this neat new product called VMware Workstation. It was a magical moment when I first discovered the ability to run multiple operating systems, at the same time, on a single computer. I remember this moment well because it was true love at first install. Within a year I was playing with VMware ESX Server 1.5 and was given my first virtualization proof of concept that was followed by my first production design and deployment. The rest, as they say, is history as well as an amazing ride.

Toward Converged Virtualization Management Suites

VMware has articulated and is starting to deliver on a compelling strategy of Automated Operations for its virtualization and cloud platforms. This will precipitate profound changes in the vendor ecosystem as third party vendors partner up and acquire in order to come up with the same depth of functionality that VMware is offering, but on a broader set of platforms (Quest buying VKernel is just the start of this process).

Thames Water have signed up to give a sizable part of its desktop infrastructure management to services built on Desktone’s VDI stack hosted and maintained by Molten Technologies. Thames Water is the UK’s largest water and sewerage company, serving one of the world’s largest conurbations. Is this a significant landmark for Desktop As-A-Service (DaaS) provision? The utility sector is very focused on costs, tends to be studiously following the curve rather than forging fast into uncharted waters. DaaS, for some, is still interesting concept, but has the perception of risk.

Data Protection is not just about backup these days, but instead concentrates on two all important concepts for a business: disaster recovery and business continuity. While backup is a part of Disaster Recovery, restoration is all important. If it is not possible to restore your data in a timely fashion the backup has failed. So technologies that allow us to access our data immediately provides a level of business continuity. But how is this achieved? So where do you save your critical data is is readily restorable? Is your backup integrated into your monitoring software? Have you tested your restore today?