The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

OpenStack Logo

There is a class of applications that is extremely difficult to virtualize. This group consists of graphics intensive applications such as ProEngineer, Photoshop, and pretty much anything that requires a GPU to perform well. Graphics intensive applications make up a list of applications that are usually too big or expensive to virtualize. The last mile so to speak. This is NO longer the case. With NVIDIA’s announcement of the NVIDIA VGX Cloud Platform. This and other classes of applications can now be virtualized.

VirtualizationSecurity

There seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant?

AppSense_Company_Logo_100x30

Much of the recent buzz around AppSense from AppSense Labs,the research division at AppSense that is responsible for StrataApps, DataLocker and DataNow, its hot new tools to support user installed applications and provide increased security in consumer cloud services. Nevertheless, AppSense has not forgotten its roots and has recently released a major update to its core user persona management platform UV Suite.

CloudComputing

There are many SaaS and Security SaaS cloud services out there, but they all lack one thing: full visibility. Why do these cloud offerings limit the ability to perform compliance auditing, forensics, and basic auditing against an organizations data retention, protection, and other necessary policies? Why not just grant the “right to audit”, or better yet, build a way for each tenant to perform their own audit down to the hardware? Why limit this by leaving it out of contracts as well as the technology? It is all feasible.

desktone100x30

Desktone have architected a platform to allow resellers and service providers to deliver and support heterogeneous end user-environments. With a Desktone v5.0 platform, it is possible to deliver a hybrid desktop environment, manage multiple datacentres and utilise a set of APIs. For service providers and resellers alike, Desktone is offering a platform that can be managed and maintained with Linux based appliances and a single view of services that will be compelling.

VMware100x30

Many of the virtualization security people I have talked to are waiting patiently for the next drop of leaked VMware hypervisor code. But the real question in many a mind is whether or not this changes the the threat landscape and raises the risk unacceptably. So let’s look at the current hypervisor threat landscape within the virtual environment to determine if this is the case, and where such source code will impact. Are there any steps one can take now before the code drop is complete to better secure your environment?