We’ve been following Eucalyptus over a series of posts, and recently seen the company strengthen its management team with the appointment of new CEO Marten Mickos the (only) ex-CEO of MySQL. This week they have released a new version of the Eucalyptus product, Version 2.0. which carries some of his strategy, particularly in putting clear water between the Open Source and the Enterprise version of the product.
There is a great deal of marketing hype about which hypervisor is better but I have spent some thinking about this and really have to wonder if the hypervisor is what we should really be focusing or concentrating on. A lot of third party vendors are starting to port their products to be able to work with both hypervisors but what about the management server itself? When third party application vendors design their applications to work with VMware or Microsoft hypervisors they have been writing plug-ins for their product to work inside the management server systems and or its client.
Can we use some of this Risky Social Behaviors post to aid us in finding an adequate definition for secure multi-tenancy? Perhaps more to the point it can define how we look at multi-tenancy today. On a recent VMware Communities podcast we were told two things that seem contradictory to current security thinking. The first is that going to the cloud reduces your risk, and the second was that the definition of the cloud must include multi-tenancy.
• • 0 Comments
Systems Management Frameworks have provided an indispensable function to enterprises with large and business critical networks and data centers. However, frameworks have become a category of expensive and slow to innovate legacy software leading many enterprises to conclude that they must move beyond these products in order to properly monitor their newest environments including those that are based on virtualization and public clouds. New virtualization and cloud focused tools are providing support for these environments that is not present in legacy management frameworks. Self-learning analytics may replace the frameworks as the “manager of managers” or new frameworks may emerge out of the open source movement.
I you buy vSphere 4 (or 4.1) after June 9th, you get a free copy of SLES to run on any CPU on which you have a valid license for vSphere. This lines up SLES on vSphere alongside Windows on Hyper-v, in both cases the O/S and the hypervisor are supplied under the same license. This obviously lines up SLES on vSphere alongside Windows on Hyper-v, in both cases the O/S and the hypervisor are supplied under the same license. In the long term, Licensing SLES leaves out a tantalizing prospect that VMware can build its own semi-official version of Azure, using vSphere, SLES and Mono, without a Windows server operating system in the mix.
Appsense’s development of User Rights Management and User Installed Applications offer products that you can deploy to give additional rights to users so that they can work effectively without being a drain on IT, or IT being a millstone to them. How will such functions impact your business?
• • 1 Comment
Virtualizing tier 1 business critical and performance critical applications will require that the virtualization team be able to provide assurances about infrastructure performance and applications performance to the applications teams and their constituents. This is a dauntingly complex requirement to meet due to the fact that meeting it requires the integration of tools that are not integrated today, and that virtualization adds risk to the equation due to the dynamic behavior of virtualized systems.
The security companies are looking into all aspects of virtual environment introspection to label, tag, or mark all objects for compliance reasons, inspect the contents of virtual machines for asset management (CMDB), and an early form of Root Kit detection.
Virtualization Security is not just about the firewall, it is about the entire ecosystem, auditing, compliance, and object management.
While doing a quick Google search to find what a Cloud is, I have found several different definitions which depend on which vendor site you pull up. One thing is for sure despite the frequent use of the term, it still means different things to different people and or companies. For my reference point I am going to use the National Institute of Standards and Technology definition referenced by Texiwill’s NIST Cloud Computing Definitions Final article.