More and more is coming out about the attack from a MacDonald’s that left an organization crippled for a bit of time. The final tally was that the recently fired employee was able to delete 15 VMs before either being caught or he gave up. On twitter, it was commented that the administrator must not have been a powershell programmer because in the time it takes to delete 15 VMs by hand, a powershell script could have removed 100s. Or perhaps the ‘Bad Actor’ was trying to not be discovered. In either case, this has prompted discussions across the twitter-sphere, blog-sphere, and within organizations about how to secure from such attacks.
At the NE VMUG, while walking the floor I saw a new virtualization backup player, perhaps the first generic Replication Receiver Cloud: TwinStrata. And information gained while not at the NE VMUG. There is also a new virtualization backup player just for Hyper-V: Altaro. As well as a new release of Quest vRangerPro. The Virtualization Backup market is a very dynamic market with new ideas, technologies, and concepts being put into the market at every turn. In many ways, the market leaders are not the bigger companies but the smaller and fast growing companies. In the past, it was about features associated with pure backup, but now it is about features and fast disaster recovery and recovery testing.
Business Agility ...
• • 3 Comments
Just in time for the adoption of vSphere 5 by enterprises seeking to virtualize business critical and performance critical applications, AppFirst, BlueStripe, and ExtraHop have pioneered a new category of APM solutions. This new category is focused upon allowing IT to take responsibility for applications response time for every application running in production. This is an essential step on the road toward virtualizing the 60% of the applications that remain on physical hardware.
Security in the cloud and the virtual environment is ‘all about the data’ and not specifically about any other subsystem. It is about the data. As such the data has something it knows (the contents of the data), something it is (its signature), and something it has (its digital rights) and since it has these three elements, the data has all it has identity. However, protecting the data requires us to put things between the data and the real world such as firewalls, and complex role based access controls, as well as methods to replicate the data to other locations in a non-intrusive mechanism. The goal to such replication could be to ensure multiple sites have the same data (such as a hot-site) or to have the data available in another locations in case of disaster.
As a delegate for Tech Field Day 6 in Boston, I was introduced to SRM Replication as well as ZeRTO a third party replication tool. They seem to be as different as night and day but are they? Both work within the vSphere environment to replicate virtual disks regardless of storage type, and apparently hook into the same location within VMware’s API stack. This shows a maturity of VMware’s API stack that until now has been unknown and secret. In this one area, Microsoft Hyper-V is beating VMware vSphere: The availability of well known APIs that are easy for Third Parties to use. I now see a change in VMware’s behavior, can they continue this growth?
IT as a Service ...
• • 1 Comment
The problem is that not everything is as black and white as security folks desire. If we implement performance and other management tools, we often need to expose part of our all important virtualization management network to others. But how do we do this safely, securely, with minimal impact to usability? Why do we need to this is also another question. You just have to take one look at the Virtualization ASsessment TOolkit (Vasto) to realize the importance of this security requirement. But the question still exists, how do you implement other necessary tools within your virtual environment without impacting usability?
At the InfoSec World 2011 conference, in the sessions I attended, there was quite a bit of discussion about moving to the cloud as well as cloud outages.
I was reading the post Small Business Virtualization and that really got me thinking about Small to Medium Businesses and what part Cloud Computing will play in that market. There are plenty of small businesses in and around my area and I have a couple of friends that are the owners of a couple of these small businesses. A majority of these small businesses have a single or a couple of point of sale machines that feed to the accounting program. It is these businesses that I think of when I think of what a small business is. Would virtualization help these companies? Sure, I think so but would it really be worth the cost to setup and maintain?
There were two announcements over the last few days that struck me as quite important to the virtualization community. While some may question this statement, the long reaching effects of these purchases will impact virtualization and cloud computing in not so distant future. In fact, these purchases could add a whole new layer to vSphere as we know it today. Which for VMware is a good thing. They need to continue to innovate to stay ahead of the pack. The purchases I talk about are:
VMware purchasing/taking over control of EMC Mozy
RSA purchasing NetWitness