The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

VMworld EMEA, IPExpo, The ExecEvent, Citrix Synergy, oh my!

This month (October 2011) there are a slew of conferences on virtualization and cloud technologies being held in Europe. The question becomes which to attend! If you are in the United States, this could be expensive considering the current Euro to Dollar exchange rate but if you are already in Europe one of these events is well worth attending, each has there own take and focus. But after the success of VMworld US, is there anything more to announce?

Whether or not to put data into the cloud has been a debate since clouds were first formed. At a recent conference I was asked:

with all the security issues you brought up, why should I go to the cloud, I do not know the administrators, nor can I gain cloud visibility, so why go to the cloud at all? and if so which cloud?

There are a myriad of reasons to go to the cloud, not the least of which is politics or being told to go to the cloud. When the real question is:

which cloud services is my organization already using and how can I gain control over the data being placed into the cloud.

Cloud Performance – Learning from SalesForce.com

The focus upon sharing real response time and transaction load data by SalesForce.com is notable when compared with the pre-historic approach to performance that is used by many cloud vendors (and for a matter of fact many enterprise IT organizations). Response Time correlates directly to end user experience and at the end of the day that is all that matters. Hopefully the industry will learn from SalesForce.com and advance this concept further.

Link your Clouds using AFORE Cloudlink

AFORE Solutions has created AFORE Cloudlink, which won the Best of VMworld for Security at VMworld 2011 in the United States. Yet, many people were scratching their head saying, who are AFORE and why did they win. AFORE moved from a physical appliance to a virtual appliance about 3 years ago providing a way to move data between data centers in an encrypted fashion, which at the time was desperately needed. After three years they have made quite a few changes, but still have their core functionality, but now included data at rest encryption and the ability to stretch layer-2 and layer-3 networks between locations amongst others.

On 9/22 was held the Virtualization Security Podcast featuring Anil Karmel, Solutions Architect at Los Alamos National Library (LANL), to discuss their implementation of secure multi-tenant Cloud. LANL makes extensive use of the entire VMware product suite from vCloud Director down to the vShield components to implement their SMT cloud. They have also added into their cloud their own intellectual property to improve overall cloud security. It was a very interesting conversation about the state of SMT today.

Since the introduction of virtualization there has been sheer joy and excitement when having to work with application owners on the amount of resources they will need and not what they really think they want. I have seen all kinds of minimum, maximum, and special recommendation for all kinds of application over the years. In most cases, applications have evolved to be able to thrive in a virtual environment without too many limitations. Now it seems we have to verify which VMware features are fully supported with certain virtualized application also.

“The latest challenge on the security front isn’t necessarily an exotic new threat vector: it’s the attackers themselves. They’re organized, well-resourced and patient. And there’s no silver technology bullet to effectively combat them.”

This is a very important point, and one that I have seen at other security conferences for the last 5 years or so. However, attacks are possible because there is a lack of confidentiality and integrity of the data held within the systems under attack. So the system becomes the week point.

One of the cool things about attending VMworld every year is seeing what is new on the horizon and this year, ironically, there is something called Project Horizon and the first milestone of that project called VMware Horizon Application Manager. Horizon is a hosted service that will centrally manage the provisioning, access and usage of software-as-a-server (SaaS) applications while at the same time applying the companies standardized security and access controls. This will give the end users of the application the ability to use the applications via VMware ThinApp or View products to stream the application across multiple devices all with a single login. The end users will also have self-service access to a corporate store for their SaaS and Web-based applications. Managing these applications will be completely user based with no need to worry about the underlying device the software or application is running on.

Is it Time to Reorganize Data Center Operations?

If automated IT Operations is going to succeed and deliver its promised benefits then IT Operations is going to have to get reorganized – with supporting hardware teams part of the virtualization team. Furthermore Application Operations will have to be instantiated as a function that is responsible for the actual service level delivered by the applications to their constituents.