The Virtualization Practice

Tag Archive for SaaS

CloudComputing

There has been quite a lot of twitter traffic about the FrankenCloud recently: A cloud with more than one type of hypervisor underneath it. One example, is to build a cloud using Hyper-V three and vSphere, both managed through Microsoft System Center. Another example, is to build a cloud using Hyper-V, KVM, and vSphere all managed through HotLink. But is this a desired cloud topology?

VirtualizationSecurity

There seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant?

CloudComputing

There are many SaaS and Security SaaS cloud services out there, but they all lack one thing: full visibility. Why do these cloud offerings limit the ability to perform compliance auditing, forensics, and basic auditing against an organizations data retention, protection, and other necessary policies? Why not just grant the “right to audit”, or better yet, build a way for each tenant to perform their own audit down to the hardware? Why limit this by leaving it out of contracts as well as the technology? It is all feasible.

CloudComputing

A customer recently asked me, can we virtualize our Tier 1 App that receives 7Billion requests per day? My initial response was, on how many servers? Their answer was 15. This is quite a shocking set of numbers to consider. Add into this numbers such as 150K sessions per second, the need for a firewall, and sub-second response time and you end up with a few more shocking numbers. So could such workloads be virtualized? or is it too big for Virtualization?

podio

Citrix acquire Podio – Podio’s focus is to provide a platform for small/medium sized organisations to get up and running with standard business function applications offered from Podio’s own App Store. Does this mark the a Citrix foray to better accomodate mobility and consumerisation while stepping outside the microsoft windows desktop delivery environment.

I and others look at Virtualization Security constructs with an eye towards Cloud Security, but they are not necessarily the same. Granted for some clouds, virtualization security can lead to cloud security but this really depends on how the cloud’s architecture. Even so, what we know from Virtualization Security WILL apply to Cloud Security and will be the basis for best practices. But you say, my cloud does not use Virtualizaiton? Ah ha, I say, but it is still a cloud? And that implies there are similar security concerns. This was the discussion on the 1/26 Virtualization Security Podcast.

The countdown clock for the end of life of windows XP (the most successful operating system of all time) is running; enterprise IT is having to adjust to multiple disruptive trends that will stress it as never before, mobility, security, smart phones, tablets, BYOD, the cloud, even Apple has found a foothold in the enterprise. Budgets are tight, unemployment is high, mistakes cannot be afforded. This is the 2011 Year in Review for Desktop Virtualization.

Whether or not to put data into the cloud has been a debate since clouds were first formed. At a recent conference I was asked:

with all the security issues you brought up, why should I go to the cloud, I do not know the administrators, nor can I gain cloud visibility, so why go to the cloud at all? and if so which cloud?

There are a myriad of reasons to go to the cloud, not the least of which is politics or being told to go to the cloud. When the real question is:

which cloud services is my organization already using and how can I gain control over the data being placed into the cloud.