At the end of last year and the beginning of this year the Virtualization Security Podcast featured two very different guest panelists to discuss cloud security, policy, and compliance: Phil Cox, Director of Security and Compliance at RightScale, joined us for the last podcast in 2011 and the George Gerchow of VMware’s Policy and Compliance Group, joined us for the first podcast of 2012. We asked is the public cloud ready for mission critical applications. The answer was surprising. Have a listen and let us know your thoughts.
Business Agility ...
Comparing the Different Approaches to Application Performance Management for Virtualized and Cloud based Envionments
• • 0 Comments
If you are going to try to virtualize performance critical applications in 2012, you should arm yourself with a tool that can measure how those applications perform in the eyes of their end users – which is their end-to-end response time. The approach you take should be a function of the mix of applications you have to support – including whether they are purchased or custom developed and if custom developed with what language or framework.
Business Agility ...
• • 0 Comments
VMware is going to make progress on its automated service assurance vision this year, with initial steps coming in the Q1/2012 version of vCenter Operations and the initial release of vFabric APM. On the third party vendor front, progress is most likely to come by partnerships between vendors who have interesting pieces of the puzzle, but do not have the entire puzzle themselves. On this front the most interesting vendors are Netuitive, Prelert, Blue Stripe, ExtrHop Networks, and VMTurbo. The wild card in this equation is how service assurance will fit with cloud management and offerings from vendors like DynamicOps, Abiquo, Platform Computing and Gale Technologies.
Now, of course, this is a simplified version of the question, because in almost all cases Infrastructure Clouds and Platform Clouds are built on Virtual Infrastructure, and in most cases Platform Cloud is built on Infrastructure Cloud, so the question is really about how far into the Cloud you should be prepared to go. My perspective here is of a development manager – someone who is charged with building a new application. I’m thinking as a development manager not a developer and I’m taking decisions to maximise the productivity of a development team – rather than on the “shininess” of the technology.
Christmas is over and New Years is on its way. A time to make resolutions and see the year complete. A time to review what is old and plan for the future. This is a perfect time to review your defense in depth and look to see if there are security additions needed in 2012. So what cloud and virtualization security New Years resolutions should I make for 2012?
Private cloud management offerings are today very well suited to create and manage self-service scenarios for workloads that are either transient, or that require significant scaling of resources during the daily or weekly cycle of business activity. Private cloud management offerings are today not well suited to be the management solution through which all future workloads get provisioned an managed – but must become so, so as to participate in the further progress of virtualization. The best way for private cloud solutions to leverage the further progress of virtualization, is to help drive it- by helping to drive the concept of automated service assurance for business critical applications.
Following its recent acquisition of Trellia, Wyse Technology is further extending its software portfolio with the launch of a new PocketCloud app for Android users: PocketCloud Explore. PocketCloud Explore provides file search and transfer between the Android device and Windows and Mac PCs through a secure connection to an agent, the PocketCloud Companion, that is installed on the remote PC/Mac.
While the legacy enterprise management vendors might like to think of themselves as the Borg (prepare to be assimilated – there is no escape), the new technical requirements and the new buying patterns in the virtualization market do not lend themselves to a repeat of history. Legacy management vendors are unlikely to be able to acquire themselves into this market because their core platforms and business models do not work with the customers who are running virtualized environments and buying management solutions. So to my good friend Andi Mann, I respectfully disagree.
There needs to be better Data Loss Prevention applied to Social Media than there exists today and how that will be applied globally is a huge issue. But it is a growing trend. I see on twitter from those I know many things that should not appear: from the discussion of internal only intellectual property to locations sent to 4 square. Add into this, the myriad forms of ‘U There’ requests. It is so easy to tell people anything on twitter, that it also becomes a problem with telling people too much even in 146 characters. Yet, I also see the same when using text messages, chat, and other technologies. So what is the solution?