The Virtualization Practice

Hurricane Irene and Some Thoughts on Disaster Recovery

This week I have been paying close attention to the developments of Hurricane Irene. In the beginning, Hurricane Irene looked like she was going visit Florida on her journey to the north. Even though it looked like Florida was going to get hit by this storm, it was still early and there was time for the storm to change course. It was also time to go out and make sure my Hurricane Supply Kit at least had the basics like batteries and flashlights as well as filling up the gas tanks of the cars. I have different levels of preparedness which depends on how close the storm is and the projected path. Just like I have steps in place to be prepared for the storm, most companies that I have worked for in Florida have a storm plan in place and like myself, do not sound the real alarm until the storm is 48 – 72 hours away from a hit but start to prepare for the alarm in case it is needed.

Your VMworld 2011 Enterprise Private Cloud and IT as a Service Short List

Choosing a Private Cloud platform involves trading off the scale of the environment, the types of applications running on the environment and compatibility with public cloud platforms with each other. VMware, DynamicOps, Gale Technologies, Abiquo, Platform Computing and Cisco offer the most compelling enterprise focused production application platforms. However other use cases and markets are best handled by other vendors.

More and more is coming out about the attack from a MacDonald’s that left an organization crippled for a bit of time. The final tally was that the recently fired employee was able to delete 15 VMs before either being caught or he gave up. On twitter, it was commented that the administrator must not have been a powershell programmer because in the time it takes to delete 15 VMs by hand, a powershell script could have removed 100s. Or perhaps the ‘Bad Actor’ was trying to not be discovered. In either case, this has prompted discussions across the twitter-sphere, blog-sphere, and within organizations about how to secure from such attacks.

Last week there was a bit of a surprise when someone announced Catbird Security made an agreement to purchase vShield App and only App from VMware. This left quite a few of us scratching our heads wondering why VMware would let this particular security software go. This announcement was incorrectly relayed and quite far from the truth. Catbird Security has written an agreement with VMware to OEM vShield App. This OEM agreement provides Catbird with a missing piece to the security puzzle as well as proving out VMware’s concept of virtualization security, that they should be the low level bits providing an API for higher level tools to use.

VMworld 2011 is fast approaching and now is the still to start making final preparations for the pilgrimage to Las Vegas. The question that I see a lot, before these types of events, is what can I do to get the most out of the conference? I have been lucky enough to have been to all the VMworld Conferences since 2005 as well as one lucky trip to VMworld Europe in 2009. I am going to chime in on the some of the things that I do to get the most out of VMworld.

Enterprises considering virtualization performance and capacity management solutions at VMworld 2011 should take a look at VMware vC OPS Enterprise, Netuitive, Quest vFloglight, NetApp Insight Balance, Reflex Systems, Veeam nworks, vKernel, Virtual Instruments, VMTurbo, Xangati, and Zenoss. Read the full post for the evaluation criteria.

While looking on twitter this morning I discovered a tweet that pointed to the following article, which is relatively devoid of details but none-the-less extreme interesting to those who follow virtualization security: Fired techie created virtual chaos at pharma company. This article points out an external attack that lead to management access of a virtual environment. Now we do not know if the attack was using antiquated credentials or some other means. But what we do know is that VMs were deleted by an external source that used to be a former employee. Hoax or not, this is a very serious issue brought to light.

Like a new college student, fresh from the flush of new found freedom to expand their horizons, Citrix appear to have had a case of the munchies. First Citrix’s portfolio was extended with the acquitisition of Kaviza. More recently, the purchase of RingCube. The desktop virtualisation techhnologies acquired will help strengthen Citrix’s virtualised desktop offering. VDI-in-a-box offering simplicity of deployment, providing options for the SMB and MSP spaces; and vDesk providing a layering functionality giving greater VDI scalability with an improved personalisation offering.