Welcome to our list of of top virtualization and cloud security links, references, conversations, etc. This is an aggregation of links that a beginner and experienced administrator will find helpful for both virtualization and cloud security. Books Refer to the Security tab of the Virtualization Bookshelf. Articles – Whitepapers/Presentations Secure Hybrid Cloud Reference Architecture produced…
• • 10 Comments
The CMDB’s that were designed and architected for static physical systems appear to be unwieldy, too difficult to keep up to date, and not real-time enough to make the transition into the virtualized and cloud based world. Virtualized environment change too fast for existing CMDB’s to keep up, and the notion of keeping a CMDB up to date as assets are moved into and out of public clouds seems hopelessly beyond the intended original use case of a CMDB. A new category of datastore is needed that will address the needs of virtualized and cloud based environments, while incorporating performance information with configuration information.
The panel of the Virtualization Security Podcast on 5/27/2010 was joined by an attorney specializing in the Internet space. David Snead spoke at InfoSec and made it clear that there was more to secure multi-tenancy than one would imagine. The first question was “how would you define tenant?” which I believe is core to the discussion of SMT as without definitions we have no method of communicating. Before we get to David’s response, we should realize that nearly every one has their own definition of Tenant for a multi-tenant solution.
PhD Virtual has gained its second round of funding with investment from Citrix amongst others as discussed within our post News: esXpress is no more but what does this mean for XenServer? Up until this point it looked like Citrix was out of the server hypervisor wars and backing Microsoft’s Hyper-V play. Yet this looks on the surface like a basic shift to that direction. Yes, XenServer was placed into the OpenSource community and the latest improvements, such as the Open VSwitch integration and a new releases emphatically say that XenServer is alive and well and that its ecosystem is growing for that matter so is Hyper-V’s.
Citrix Xenclient enters the bare metal hypervisor for desktops devices market and challenges the incumbents – Neocleus and VirtualComputer. As a solution to reducing management costs and improving the user experience such a funtion is undoubtedly a contender to change the way you think about your PC lifecycle management.
Cloud Performance Management needs to evolve and allow cloud vendors to provide their customers a customer specific Infrastructure Response Time metric. This in conjunction with cloud aware Applications Performance Management solutions is needed in order for customers to feel comfortable putting business critical applications in the cloud.
When we put a .NET application on Windows on Hyper-V (or a Java application on Linux on ESXi) we are actually virtualizing twice. Can we virtualize only once, by putting the CLR or the JVM directly on the VM Host? In this action of course we remove the operating system. Oracle is taking the lead in this area with JRockit VE JVM. There is no VMware support, the only hypervisor it supports is Xen, or more precisely Oracle VM. it only comes bundled only with an Application Server, namely Oracle WebLogic Suite Virtualization Option. The entire stack inside the virtual machine is in “User Mode” in other words the JVM and the drivers are all in the same memory address space and you don’t need to switch contexts into Kernel Mode in order to perform I/O or network access. Does VMware have a strategic initiative (or even a skunkworks) to engineer a similar bundle for its SpringSource runtimes? Or are they just concentrating on scaling out with as per the Google announcement?
Due to what I stated during GestaltIT’s TechFieldDay, I was invited with Bas Raayman and others to discuss Secure Multi-Tenancy (SMT) in more detail with Chuck Hollis at EMC World. In addition, during one of the Keynotes SMT was renamed from Secure Multi-Tenancy to Simple Multi-Tenancy. The current Cisco VMware Netapp solution is plainly not secure. During the TechFieldDay at Cisco, Cisco even claimed “we did not think about security” when designing the initial solution. Cisco is worried about Quality of Service, I.E. Bandwidth through out the system to the disk. Furthermore, their definition of ‘Tenant’ was quite a bit different than my own. So we should first start off by defining Tenant.
• • 0 Comments
CA Technologies (CAT) has announced three new virtualization management and performance offerings. This is the first example of a “big 4″ enterprise systems management vendor getting serious about providing virtualization and cloud focused solutions. This will be very reasuring for CAT customers and may will accelerate stalled virtualization projects.