The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

VMworld2012150x27

VMworld 2012 is upon us. Use this list to figure out which booths should be on your short list for creative and new solutions. With over 230 booths to choose from this is a daunting task. If you are interested in management, monitoring, deployment, security, data protection, and desktop management problems, this list will help you.

CloudComputing

In addition to PaaS there is a class of vendors who provide external services to PaaS through “marketplaces” that the vendor sets up. We refer to these generically as Application Services as a Service (ASaaS). The stakes are potentially huge – the PaaS takes over from the Operating System as the dominant factor in the purchasing decision for server-side technology. We’re not saying it definitely will happen, but it might.

CloudComputing

Intelligence gathering is an oft overlooked aspect of system and data defense in depth. On the 7/12 Virtualization Security podcast we discussed new and old sources of such intelligence. We were joined by Urvish Vashi, VP of marketing, Alert Logic. Alert Logic has updated their report on cloud based security attacks. Add to this the yearly Verizon Breach and other reports, and we start to have a good handle on intelligence of past and possibly future attacks.

CloudComputing

As mentioned in a number of posts, there is a clear trend away from Platform-specific PaaS (where you write your application to the platform) and Language-Specific PaaS (which provide support to one or possibly a couple of languages) to Universal PaaS, which is capable of supporting any language and any platform. There’s a little bit of a gray area, but we would include ActiveState Stackato, AppFog, dotCloud, GigaSpaces Cloudify, Red Hat OpenShift, Salesforce Heroku, Uhuru Software AppCloud and VMWare CloudFoundry in this category. These vendors differentiate themselves by providing a broad range of Application Services or Application Lifecycle Services.

VirtualizationSecurity

Cloud based security is about securing the data, yet compliance requirements are often about securing the environment, such as PCI’s requirement for web application firewalls, which protect web servers and perhaps applications and imply protection of data. But they do not directly protect data. How can a Software Defined Data Center implement a form of Software Defined Security automatically to meet not only compliance requirements, but security around a particular mote of data?