Applications Performance Profiling is an essential step in the process of virtualizing business critical and performance critical applications. In this case “performance” means response time not resource utilization. The virtualization team should go even further and commit to meeting response time based SLA’s for business and performance critical virtualized applications.
Security in the cloud and the virtual environment is ‘all about the data’ and not specifically about any other subsystem. It is about the data. As such the data has something it knows (the contents of the data), something it is (its signature), and something it has (its digital rights) and since it has these three elements, the data has all it has identity. However, protecting the data requires us to put things between the data and the real world such as firewalls, and complex role based access controls, as well as methods to replicate the data to other locations in a non-intrusive mechanism. The goal to such replication could be to ensure multiple sites have the same data (such as a hot-site) or to have the data available in another locations in case of disaster.
As a delegate for Tech Field Day 6 in Boston, I was introduced to SRM Replication as well as ZeRTO a third party replication tool. They seem to be as different as night and day but are they? Both work within the vSphere environment to replicate virtual disks regardless of storage type, and apparently hook into the same location within VMware’s API stack. This shows a maturity of VMware’s API stack that until now has been unknown and secret. In this one area, Microsoft Hyper-V is beating VMware vSphere: The availability of well known APIs that are easy for Third Parties to use. I now see a change in VMware’s behavior, can they continue this growth?
• • 1 Comment
As a delegate for Tech Field Day 6 in Boston, I was introduced to many third party management tools. In the past I have been given briefings as well on various VMware, Hyper-V, and Citrix Xen Management Tools as well. Many of these tools are marketed directly for use by the administrator, but they have the tools can be used by more than the administrator. These tools should be marketed to management, administrators, as well as the network operations center (NOC). We need tools that perform continual monitoring and auditing so that we can know as soon as possible when a problem occurs.
The 6/16 Virtualization Security Podcast started as a twitter conversation with a comment about PaaS Security where James Urquhart, Krishnan Subramanian, Rich Miller, and myself went back and forth about PaaS security and the role of the developer. It was not quite a DevOps conversation but pretty close. Rich could not join us on this Podcast but hopefully will make a future one. PaaS security appears to be dependent on two things, the provider’s security, and how it is used.
At Citrix Synergy 2011 in San Francisco last month Simon Crosby made the case that the biggest barrier to the adoption of service-provider offered cloud services is the understandable lack of trust on the part of enterprise customers. Well it looks as if he and fellow Xen luminary Ian Pratt have decided to do something about that lack of trust and are moving on from Citrix to address the problem at its source. Ian and Simon announced today that they are both leaving Citrix and taking key roles along with with Gaurav Banga (the creator of Phoenix Hyperspace) as co-founders of cloud security start-up Bromium.
• • 1 Comment
As a delegate for Tech Field Day 6 in Boston, I was introduced to VMware’s Mobile Virtual Platform (MVP) which allows you to have a single hardened VM running within, currently, very few Android-based devices as such requires a version of Android from VMware for the virtual machine aspect of MVP. The first version of MVP has several interesting security features as well s security issues as you move forward. Given the current spat of Android based malware, it is important to consider the security features of any new product whether it is a version 1.0 or not. Even with these issues, MVP has some very interesting uses outside the realm of a mobile phone platform. I can see this being used on tablets as a way to get a corporate VM.
The Dell VIS stack (Advanced Infrastructure Manager, Self-Service Creator and Director) now represents the most functionally rich virtualization management offering on the market, as it is sourced from best of breed IT as a Service vendor DynamicOPS and best of breed self learning analytics vendor Netuitive. This stack backed up by Dell’s ability to sell into its customer base with whom Dell is already heavily interacting on the subject of virtualization puts Dell and it partners in a compelling position.