Recently I discussed Virtualizing Business Critical Applications and security, which includes availability, confidentiality, and integrity. However, that discussion was more about visibility into the environment for security operations. I purposely left off the discussion of gaining integrity and confidentiality of the data housed within those business critical applications. Security encompasses a great number of technologies, and those that provide integrity and confidentiality often differ from those that provide visibility into an environment which differ from those that provide availability. Continue reading Virtualizing Business Critical Applications – Integrity & Confidentiality
We opened this years virtualization security podcast with Phil Cox, the “Security Guy” at Rightscale, who is working through a tangled problem to meet compliance and auditing goals within the cloud. Rightscale is a 100% cloud based company delivering a solution that is also SaaS based. As such they often run directly into SaaS related issues. Rightscale has been running into a problem with the simplest of auditing requirements: how to know when someone has logged in. This problem spans nearly all their 100s of SaaS providers used to run their business. Continue reading SaaS Auditing: Knowing who did what
CloudBolt Software has announced that version 3.5 of CloudBolt Command and Control (C2) will integrate with VMware Nicira Network Virtualization Platform (NVP). CloudBolt C2 takes advantage of the NVP virtualization API’s to programatically create complex secure networks, entirely in softwarer, and completely independent of the underlying network hardware. Continue reading News: CloudBolt Integrates Cloud Management with Nicira Network Virtualization
Virtualizing Business Critical Applications is often stopped either by the sudden involvement of security and compliance, a need to better understand, or a need to gain visibility into the underlying security of the virtual environment in order to build new security and compliance models. As we have commented on the Virtualization Security podcast many times, security and compliance teams need to be involved from the beginning. However, this is not a discussion about involvement but about the tools that will help security and compliance to gain the necessary visibility into the security of their virtual environments and therefore allow for the virtualizing of business critical applications. Continue reading Virtualizing Business Critical Applications – Security and Compliance
As VMware progresses towards virtualizing more and more business-critical and performance-critical applications, the tools and processes by which the virtualized data center needs to be managed need to change. As a first step, it is important to separate workloads into three groups: Tactical (no one cares if they go down for a while), Business-Critical (they must be up all of the time), and Performance-Critical (they not only must be up, but must deliver excellent response time all of the time).
Is it time to plan for the virtual future in our virtual designs? Happy New Year and welcome to 2013!! What a year 2012 turned out to be for virtualization and cloud computing in general. Microsoft Hyper-V, Red Hat, and VMware have all made quite a few enhancements to the hypervisor, and we have finally reached a point where we really have some good competition between hypervisors. Also, the competition boundaries are being expanded to include much more than just the hypervisor itself as we start to focus on the ecosystem as a whole. Toward the end of 2012 the industry had really begun presenting multi-hypervisor management capabilities and solutions. I see this area as something to really watch in 2013, and I propose this question. Continue reading Virtual Future in our Virtual Designs