The Virtualization Practice

A new Applications Performance Management opportunity has arisen driving by virtualization, the cloud, scaled out deployment architectures, lower cost open source middleware, and agile development techniques. AppDynamics has raised an $11M series B round to address this opportunity. New Relic is the current market leader. BlueStripe and VMware with AppSpeed are also targeting this space.

“What do you wish to monitor?”, is often my response when someone states they need to monitor the virtual environment. Monitoring however becomes much more of an issue when you enter the cloud. Some of my friends have businesses that use the cloud, specifically private IaaS clouds, but what should the cloud provider monitor and what should the tenant monitor has been a struggle and a debate when dealing with them.

Storage Networking – Time to TAP the SAN

Virtual Instruments new SANInsight TAP for the Fibre Channel SAN allows organizations to collect critical performance data on a real-time, deterministic and comprehensive basis. This will allow organizations to TAP all of their SAN ports in advance of SAN or storage array performance problems so that the foundation is in place to allow for rapid problem diagnosis and resolution.

VMforce = Java + Spring Java Platform + vCloud + SalesForce Data Center

VMware and SalesForce.com have come together to provide a robust, scalable PaaS offering for Java Developers. Existing Force.com developers will now have the ability to use Java to build and extend their applications and all Java developers will have a significant and productive new run time option for their applications. VMware and SalesForce.com have both ratcheted up the pressure on Microsoft in a significant manner.

I recently spoke at the InfoSec World 2010 Summit on Virtualization and Cloud Security and also attended the main conference sitting in on many Virtualization discussions. Perhaps it was the crowd, which was roughly 30-40% auditors. Perhaps it was the timing as SourceBoston was also going on, as well as CloudExpo in NY. But I was surprised to find that people are still ‘just starting’ to think about Virtualization Security. Since I think about this subject nearly every day, this was disappointing to me at best. I found ideas around virtualization security ranging from:

* Virtualization Security is not part of an architecture/design, what do I bolt on?
* My Physical Security will work
* Virtual Environments NEED More security than physical environments
* There are no new threats, so why have something more
* Security is a hindrance

the Cloud is increasingly being used to provide external security testing services (such as AVS, Application Vulnerability Scanning). The argument of the proponents of such services is that security threats come from the cloud, and thus it makes most sense to embed the AVS in the cloud. However after very detailed examination of the options we have come to the conclusion that the Cloud it isn’t necessarily the right answer for many enterprises, and that the AVS service may best be delivered inside the datacenter.

Does an evaluation for a virtualisation project need to be only an exercise in understanding if X hosts will on Y servers? Will you be able to to virtualize every service you deliver? Are new applications required? What are your existing service-levels and requirements across your application portfolio? In most enterprises today, IT is a cost centre not a profit centre. Business units often want detailed involvement in implementation plans, asset purchases and ownership: it is not unusual that requests for applications come in terms of functionality – not in terms of service levels. With their release of Workspace iQ, Centrix Software appear to be unique in endeavouring to aggregate information that can be used to deliver data that can help provide IT with improved costing information without relying on specific vendors solutions to be in place.