The Virtualization Practice

Cloud Computing

Cloud Computing focuses upon how to construct, secure, manage, monitor and use public IaaS, PaaS, and SaaS clouds. Major areas of focus include barriers to cloud adoption, progress on the part of cloud vendors in removing those barriers, where the line of responsibility is drawn between the cloud vendor and the customer for each of IaaS, PaaS and SaaS clouds, ...
as well as the management tools that are essential to deploy in the cloud, ensure security in the cloud and ensure the performance of applications running in the cloud. Covered vendors include Amazon, VMware, AFORE, CloudSidekick, CloudPhysics, ElasticBox, Hotlink, New Relic, Prelert, Puppet Labs and Virtustream.

There has been great debate of what comprises the cloud, how to bound the cloud so that its easier to understand, and how to secure the cloud. Christofer Hoff of the Rational Survivabilty blog has been spear-heading quite a bit of discussion on cloud taxonomy in his attempts to wrap some thoughts around how to properly secure the cloud and everything within it. The start of this journey is the act of defining exactly what the cloud is, and is not. NIST’s document adds some more to an existing definition by defining public and private clouds.

Intrusion Protection Systems (IPS) differ quite a bit from Intrusion Detection Systems (IDS). An IPS is designed to modify some form of security setting when an intrusion is detected, thereby preventing the intrusion from being successful. An IDS on the other hand is just the detection component used by an IPS. Like all security tools used within a virtual environment there are four major ways to implement such devices. We will discuss later some best practices for managing a security tool. We will look at what is currently shipping over products hinted at for the future such as the OpenVSwitch, Xen Instropection API.

I was recently on an island and it got me thinking about whether a set of close islands can support a highly mobile cloud? If not what would be needed to make the Islands Cloud safer from the vagaries of Mother Nature, such as hurricanes, volcanoes, and earthquakes. Can a cloud provider be based on an island? or would it need to be on every island? Only the mainland?

I was recently on an island and it got me thinking of how would I move my company to the island. The company services people around the world, but would also service local to the island. Does virtualization really help me here? Why do I ask this, because an island is often prone to the vagaries of mother nature: Lava, Flooding, Typhoon, Hurricane, Earthquakes, humidity, desert, power fluctuations, etc. The list is pretty endless. So how would you move a business to or from an Island? Is this where the Cloud becomes a mature component? If so how much cloud do you need?

With the advent of VMware Go, vCloud Express, and the vCloud API, VMware’s marketing message is that all SMBs should use the cloud to either deploy their free hypervisor (VMware Go), or use the Cloud to run their servers (vCloud Express). VMware claimed at VMworld that we are no longer looking for ROI with Virtualization from a pure power and equipment costs, no we are now looking at virtualizing to save funds within the operational space of your company. Where best to do this than for SMBs to instead of owning their own equipment move their servers into the waiting vCloud Express providers such as Savvis, Terremark, Hosting.com, etc.