The Virtualization Practice

Security as a Service: Is it Safe?

Last week I spoke with two different Security as a Service vendors, each with their own approaches to security as a service. The first company I spoke to was CloudPassage who just exited stealth mode in time for RSA Conference, and Zscaler who is a well known company. Both provide Security as a Service with a similar approach by a different design. Both make use of large grids or computers to do all the heavy lifting of security, but from there they differ completely. While there is some overlap in the products, the different designs show us multiple ways to implement Security as a Service.

Virtual Computer are to optimize their NxTop client virtualization and management solution to operate with select models of Lenovo laptops and desktops PC platforms. For their part, Lenovo will allow customers to have Virtual Computer’s NxTop client loaded onto their custom images, direct from the factory. There are a number of client hypervisor solutions that can be used by enterprises today. The focus for these have been on security. At moment, the only vendor offering an enterprise ready PC management solution based on client hypervisor is Virtual Computer. The partnership withLenovo is likely first in line of tie-ups. Nxtop is Enterprise ready, with such deals Enterprises will be better ready for NxTop.

A couple of weeks ago, you could be forgiven for not ever having even heard of webOS, but now after HP CEO Leo Apotheker confirmed that starting in 2012, every HP PC will include the ability to run webOS in addition to Windows, if you profess to having any understanding of mobile platforms you have to profess to have at least some understanding of what webOS is and why it is important.

User Virtualization makes your user’s information manageable and portable. With User Virtualization the components of a desktop relating to the user are decoupled from the operating system and applications. Goldman Sachs investment is not to gain market share per se, but to allow AppSense to rapidly expand to meet the demand that their product has generated and helps drive a rapidly expanding desktop virtualization and management market.

I just finished reading, yet another Multi-Tenancy Design/Overview that claims to be secure or trusted. While I will agree that this particular design does cover Availability and some GRC (Governance, Regulatory, and Compliance) it is severely lacking in Integrity and Confidentiality. The design even went as far as saying the cloud/virtual administrator requires “COMPLETE VISIBILITY.” I was really taken aback by those words. Why does an administrator need ‘COMPLETE VISIBILITY?’ Which leads me to the question is Integrity and Confidentiality possible within any cloud or virtual environment? Or is it purely based on TRUST?

If so this is an appalling state of virtual and cloud environment security.

Constructing a Best of Breed Alternative to VMware vCenter Operations Enterprise

With VMware vCenter OPS, VMware has stated that performance, capacity, and configuration data need to be integrated into a self-learning model in order to monitor a dynamic system. This model can be implemented as well using third party solutions like those from Quest, CA Technologies, AppDynamics, Bluestripe, dynaTrace, VKernel, NetApp, Netuitive, Net Relic, Coradiant, VMTurbo, Xangati, and Zenoss.

In July 2009 I wrote an article entitled Cloud Computing Providers — are they content providers or carriers? and in January of 2011 Chuck Hollis wrote an article Verizon To Acquire Terremark — You Shouldn’t Be Surprised. Now with the Terremark acquisition almost complete and RSA Conference 2011 also over, at which I talked to Terremark about the benefits of belonging to Verizon, a picture is starting to emerge. Yes, my predictions in 2009 make sense and still hold forth today, but is there more of an impact than we realize?