It is that time of year again, when we see all the new toys, tools, ideas, and processes that make up the show called VMworld. This year, quite a few changes in virtualization security will be discussed by VMware and other organizations that work with virtual and cloud environments. One of the key messages will be that everyone needs to stop treating virtualization security as something unique and different. Instead of this type of treatment, we have been seeing the extension of existing tools and techniques into virtual and cloud environments. Virtualization and cloud security is a natural progression of all organizational security.
Continue reading Virtualization Security at VMworld
Come on, let’s get real here. The software-defined data center may become the norm in two years in the gilded cages of Silicon Valley, North Carolina’s Research Triangle, and the other “centers of excellence” out there. But in the real world—you know, the one where companies are still using NT4 servers to deliver real and useful work—surely this is not the case. Continue reading Will the SDDC Be the Norm in Two Years?
As your software-defined data center (SDDC) grows, so does the quantity of privileged accounts. This was the discussion on the Virtualization Security Podcast of February 13, 2014, where we were joined by Thycotic Software. Privileged accounts are used by administrators and others to fix issues, set up new users, add new workloads, move workloads around your SDDC, harden those workloads, and perhaps even log in to just pull down logs for further use. The list of reasons to use privileged accounts is as endless as your system administrator’s stack of work. Yet today, almost always, access to these accounts is made by those who know the password. Continue reading Privileged Accounts within SDDC
Many network virtualization products appear to be aimed at the top 10,000 customers worldwide, accounting for their price as well as their published product direction. While this is a limited and myopic view, many claim it is for the best, their reason being that network virtualization is only really needed by the very large networks. The more I think about this approach, the more I believe it is incorrect. Let us be frank here. Most networking today, within many different organizational sizes, is a hodgepodge of technologies designed to solve the same problem(s) over and over: how to get data quickly from point A to point B with minimum disruption to service. Continue reading Network Virtualization: Not Just for the Service Provider
The Software Defined Data Center: That was pretty much the biggest takeaway from this year’s VMworld in San Francisco. VMware made announcements about the new vSAN that will be coming out soon to enhance software defined storage and about the NSX platform that addresses one of the final hurdles on the path to finally having a completely software defined datacenter, network virtualization. There have been plenty of write-ups on these topics, including one very good post from one of my colleges, Bernd Harzog. I am not going to go into any details on those announcements except to say that VMware is expanding and putting themselves in a good position to be the center of the virtual universe. I believe that it will take some time for software defined networking to really take off. My gut is telling me that it will be a slower process at first, just like the adoption of server virtualization, but when it does really take off, I believe the end result will have the potential to have just as great or even a greater legacy than server virtualization has. Continue reading The Software Defined Data Center
At the US VMworld 2013 conference, VMware did an excellent job of explaining how network virtualization and storage virtualization were going to work. Adding network virtualization and storage virtualization to the existing virtualization of compute (CPU and memory) along with API’s and policies to manage the whole thing is what creates a software defined data center. Continue reading VMworld 2013 Wrap Up – The Software Defined Data Center