Just entered my mailbox, there is a new rev of the vSphere 5.1 hardening guide which was spoken about on the last Virtualization Security Podcast. This version of the hardening guide adds a much needed new feature: Profiles. Profiles define the level of security requirements based on small and medium business, enterprises, and government agencies. There is a public review for the guide over the next two weeks, so if you want to comment or read the latest draft of the vSphere hardening guide please visit http://communities.vmware.com/docs/DOC-22783.
Articles Tagged with vCenter
At VMworld VMware announced the release of the vCloud Suite of products. This new suite of packages, depending on the level purchased, bundles together several individual products into a single purchase point. See the table later for details of which package includes which product.
However, to me the most interesting point was the fact that this suite is purchased per processor, not per VM. This, coupled with VMware’s announcement of the death of vRAM, means that you can in theory now get a lot more bang per buck spent with no artificial limits set on usage.
VMworld 2012 San Francisco is over, and I have some time to reflect on my virtualization thoughts in general before getting ready for VMworld Barcelona. One thing I noticed is recent announcements about VMware vSphere 5.1 and Microsoft Hyper-V 2012. Microsoft and VMware both released a specific new feature to each respective platform at basically the same time. Is this a sign that Microsoft is really closing the gap on VMware? I think we are getting there, but I have also made some other personal observations on how I see virtualization in the future, and I foresee a completely different method and mindset for the future between these two companies.
I mentioned in my last post that I have started the process of preparing for my VCP5 exam that I need to have finished by the end of February. While I was watching the Trainsignal training video about installing and configuring vCenter, I got to thinking about how much vCenter had changed and matured over the years. Let’s start with a look at where vCenter started and where it is today.
People often equate VMware with vSphere (certainly VMware’s flagship product). But VMware is not a one product or even a one product line company. VMware is in fact five different businesses, each of which make different current contributions, have different long term strategic value, and have different synergies with the others. These five businesses are like an engine, three boxcars and a caboose.
One of the basic tenants of virtualization security is to protect the management components of your virtualization hosts by placing these all important components on a separate network. These components often include management servers such as SCOM, vCenter, XenCenter, VirtManager, etc. as well as the management appliances of your virtualization hosts. In essence, the use of a properly configured, firewalled, and monitored virtualization management network would be the simplest and most effective security measure that can be made to day within any virtual environment. A message shared by Citrix, VMware, myself, and many others.
The problem is that not everything is as black and white as security folks desire. If we implement performance and other management tools, we often need to expose part of our all important virtualization management network to others. But how do we do this safely, securely, with minimal impact to usability? Why do we need to this is also another question. You just have to take one look at the Virtualization ASsessment TOolkit (Vasto) to realize the importance of this security requirement. But the question still exists, how do you implement other necessary tools within your virtual environment without impacting usability? Which we discussed on the May 5th Virtualization Security Podcast.