The 5/31 Virtualization Security Podcast we spoke to High Cloud Security about encryption as a defense in depth, and where to place encryption within the virtual environment. This lead to an intriguing discussion about what is actually missing from current virtual environments when it comes to encryption. We can encrypt within each VM and we can encrypt within the networking fabric, as well as within the drives themselves, but currently that leaves several vulnerabilities and unencrypted locations that can be used as attack points. While we concentrated on vSphere, what we are discussing applies equally to all hypervisors.
Since the start of the Windows 8 Public Beta, there has been a great deal of discussions and comparisons galore. There have been points made that Microsoft Hyper-V will be good enough to draw good consideration in companies looking to the future. For me personally, feature comparison was not my first consideration. One measurement that I consider is the eco-structure of the technology or in other words, how large is the 3rd party partners and products supporting both the technologies?
When we look for patterns from the past, sometimes we can really get a good idea of what the future might entail.
If you take a look at the way VMware has rolled out licensing changes during each of the major releases you can see a pattern and get an idea of what the future may bestow on us. When Virtual Center was first released, vMotion and vSMP were licensed separately from Virtual Center as an add-on for Virtual Center.
Once VMware ESX3 was released, vMotion and vSMP pretty much became a standard feature included in ESX3. Virtual Center was still sold separately and then VMware presented three licensing models for VMware ESX3.
Virtualizing Presentation Virtualization Workloads is increasingly seen as beneficial and more acceptable. As Citrix XenApp customers move into 2013 it is likely they’ll move more physical instances to virtual. To enhance RDS VM workloads with shared storage – Atlantis release ILIO for XenApp, the first solution designed specifically to accelerate provisioning, boot time and application response time
Microsoft Windows Server 8 Beta has been open to the public and there is one feature that really caught my eye. With Windows Server 8 you can now have basic PowerShell console over HTTPS with Microsoft Windows PowerShell Web Access (PSWA). Think about the possibilities with that. You get an email that there is an issue and you could start PWSA on your phone, or other device, and resolve the problem or request.
Should software licensing be completely based off of the hardware MAC address of the NIC and or UUID of the mother board? This process worked very well before the introduction of virtualization but now that virtualization has become more prevalent in most environments. I think software venders really need to reconsider how they are going to license their software although it seems that some companies have not bought on to the idea of virtualization and would prefer to continue to support their product type to a specific hardware platform that the vender put together and shipped out. Can software venders hope to survive and remain current without embracing virtualization? I think the answer to that question is going to be no in the long run.