I have been thinking about blades and virtualization security for some time spurred on by a conversation with Brad Hedlund six months ago. Nearly all my customers use Blades and virtualization security is a big concern to them. In my Rethinking vNetwork Security article, I touched on some of the issues in response to Brad’s comments a while back. I would like to now expand that discussion to blades.
There are three sets of blade enclosures I would like to discuss, those that use pass thru networking, those that use standard switching fabric within the enclosures, and those that use flexible interconnects such as HP Flex-10 and Cisco Palo adapters. The last is the so called physical-virtual network device. Continue reading Blade Physical-Virtual Networking and Virtualization Security
Redwood City-based MokaFive is bringing its year to a close with two major product announcements. Releasing both MokaFive Suite 3.0 as well as its first cloud offering, the MokaFive Suite Service Provider Edition, on the same day.
MOKAFIVE SUITE 3.0
MokeFive Suite is an enterprise desktop management platform that is used to create and administer layered virtual desktop images called ‘LivePCs’ which execute as guests on a type II hypervisor. LivePC images are authored using the MokaFive Creator which also serves as a test platform to simulate and end-users experience. LivePC images can be stored on centralized or distributed file stores. MokaFive also provides support for Amazon S3 storage, which can be of significant value in managing highly distributed environments, or run directly off USB flash drives. MokaFive LivePCs are effectively hypervisor agnostic; support is currently available for VMware’s free Player and the open source Virtual Box. Beta support for Parallels Workstation is new in MokaFive Suite 3.0, and MokaFive’s own bare metal platform will be shipping in Q1 2011. Continue reading MokaFive Suite 3.0
DRS is one of the most useful and interesting features of VMware vSphere (to be more specific – feature of versions of vSphere from Enterprise on up). DRS is useful because it prevents workloads (VM’s) that are consuming more than the expected amount of resources, from potentially harming the performance of their neighbors in the same host with this “excess” resource consumption. DRS is interesting because the idea of dynamically balancing the load of a system in order to ensure the performance of the critical workloads running on that system is something that was taken for granted in the days of the mainframe, but has not as yet been well implemented on distributed Intel architecture systems. Continue reading Replacing DRS – With What and Why?
In the last Virtualization Security podcast on 12/2 we had with us members of the PCI DSS Virtualization Special Interest Group (SIG). Kurt Roemer of Citrix and Hemma Prafullchandra of HyTrust joined us to discuss the differences to the PCI DSS 2.0 with respect to virtualization. In essence, PCI DSS explicitly calls out the need to bring virtualization, people, and processes into scope.
As we discussed in a previous article, the PCI DSS 2.0 does not state exactly what needs to be assessed within the virtual environment, or even what part of the virtual environment is a concern of each aspect of the PCI DSS. What the PCI DSS 2.0 does do is change the language, however subtle, that technologies employing shared resources are now acceptable. Continue reading PCI DSS 2.0 discussed on The Virtualization Security Podcast
Since its inception, virtualization has changed the information technology landscape in many ways. With all the good that virtualization brings to the table, in some ways, it has made our jobs too efficient. One example is the ease and speed that we are able to deploy new servers. No longer are we waiting on physical hardware to arrive for a new deployment. We can “clone” our golden image in a matter of minutes and be on our way.
With the ease that virtualization brings to the table, it also introduces new issues into our day to day life as the administrator and care takers of the environment. Life Cycle Management can be one of those very issues. I have worked in several different types of environments over the years. One client, in particular, had life cycle management down to a science for any and all servers in the infrastructure. Every month, we would get the monthly decommission list of all virtual and physical servers slated for end of life. It took longer to fill out the paper work than to actually get rid of the server. Continue reading Lifecycle What?
For a developer, and subsequently the team of people that has to support certain kinds of applications in production, a PaaS cloud can be a wonderful thing. Why can a PaaS cloud be so wonderful? Because if you have a web based application based upon Java, Ruby-on-Rails, or .NET you can find a cloud provider that handles the entire hardware and software platform for your application. Continue reading Performance Management for Platform as a Service (PaaS) Clouds