The Virtualization Practice

Tag Archive for VSA


While at VMworld 2013, I started to ask 5 security questions that have been bothering me for some time now. Some of these questions apparently have no answers currently and others only have operational answers, no technology. Security of a secure hybrid cloud is a mix of procedures, policies, operations, and technology. These questions are about various aspects of virtual and cloud environments that have been nagging at me for some time now as well as problems I have faced managing our own cloud instances. Perhaps you have questions you would like to add to the list, if so please share.


What is the future of virtual storage in a Software Defined Data Center (SDDC)? As more and more technology gets moved from hardware to software in the SDDC, I have to wonder which direction virtual storage will go.

If we use networking as an example, the technology has evolved from setting up local virtual switches on each of the hosts to a virtual distributed switch (VDS) model where all the individual host-level virtual switches are abstracted into a single large VDS that spans multiple hosts at the Datacenter level. In this design, the data plane remains local to each VDS, but the management plane is centralized with VMware vCenter Server acting as the control point for all configured VDS instances.


Unless you are one of the few who have gone all solid-state devices (SSDs) for your virtual environment, hard disk drives (HHDs) still have a role. That role might be for primary storage of your VMs and/or their data, or as a destination target for backups, snapshots, archiving or as a work and scratch area. Or perhaps you have some HDDs as part of a virtual storage appliance (VSA), storage virtualization, virtual storage or storage hypervisor configuration. Even if you have gone all SSD for your primary storage, you might be using disk as a target for backups complimenting or replacing tape and clouds. On the other hand, maybe you have a mix of HDD and SSD for production, what are you doing with your test, development or lab systems, both at work and at home.


Storage Security is not only about Encryption, which is just one aspect of Storage Security requirements for the virtual and cloud environments. It is also about increasing defense in depth and knowledge of what is touching your storage environment. As well as providing security around those touch points and to a great extent auditing and protecting the data residing within the storage devices regardless of where the devices live: within the virtual environment or within a cloud.

There are many enhancements and new features that are part of VMware vSphere V5.0 from a storage and I/O perspective (See VMware vSphere v5 and Storage DRS posts). One of those enhancements is a new Application Programming Interface (API) called VASA (vSphere Aware Storage API) which joins other VMware vSphere APIs some of which are shown in table 1. Note that there is a three letter acronym (TLA) shown in table 1 that is part of the VMware vSphere 5.0 release that can be confused with VASA called VSA (VMware Storage Appliance) however for now, let’s leave VSA for a future discussion.