At nearly every conference, we talk about the lowest-hanging fruit of virtualization security, but we often miss the discussion about the lowest-hanging fruit of cloud security. They are not the same. Are we talking about good SSL hygiene? That is a part of it, but there is something even more basic than that. John Dickson, principal of the Denim Group, joined us on The Virtualization Security Podcast to talk about how people are moving to the cloud and the things they miss. Continue reading Lowest-Hanging Fruit of Cloud Security
By now, we have all heard the success stories in which companies have increased their agility, lowered costs, reduced their data center footprint, built impressive high-scale systems, or gained competitive advantages by leveraging cloud computing services. But for every success story, there are one too many companies that struggle to capitalize on the promise of cloud computing.
A few weeks ago I had a chance to speak at length with Andres Rodriguez, the incredibly passionate founder and CEO of Nasuni. Nasuni is a highly innovative storage company providing storage infrastructure backed by the cloud. I’ve been writing a lot about caching and flash in virtual infrastructures, and went into the conversation thinking that they’d be another company improving storage performance with SSD, oh, and they had this cloud thing going on. Boy, was I wrong. After a lot of questions, I came away with a real respect for what they’re doing: attacking a number of big storage-related enterprise IT problems all at once. Continue reading Nasuni: Rethinking Every Aspect of Your Enterprise Storage
Recently I have had the pleasure of discussing security with a number of cloud providers. Specifically, we talked about what security they implement and how they inform their tenants of security-related issues. In other words, do they provide transparency? I have come to an early conclusion that there are two types of clouds out there: those that provide additional security measures and work with their tenants to improve security, and those who do not. On the Virtualization Security podcast we have discussed this many times, with the conclusion being drawn that many clouds do a better job at security than the average organization does, but that there is no way to know what is implemented, as there is no transparency. Continue reading A Tale of Two Clouds
Quite a few upgrades and new products have come out over the last few months. Some have forced many people to rethink their stance toward the cloud, management of resources, and technologies involved. For many, upgrades should upgrade but not change major functionality (or at least the way they use the upgraded tool). When this happens, there is usually a backlash from the users. To avoid that, different solutions, or even new ones, may be needed to replace those that caused the serious issues with the users. Upgrades should cause very little change to how business is done except to provide new features. Unfortunately, we are seeing a rash of upgrades that are forcing people to rethink how they use a cloud and are actually forcing people to use clouds. Continue reading Upgrade to the Clouds
In Beware of the Franken-Monitor, we explained how many enterprises ended up with Franken-Monitors and the dangers associated with assuming that the present state of management tools can make the transition into the software-defined data center (SDDC) and the cloud. In Getting Rid of Your Franken-Monitor, we explained how to use green-field islands to put in place new ecosystem-based management stacks with the intent of eventually retiring your legacy management stacks. In this post, we detail how one could deploy one example of such an ecosystem of tools based upon Splunk and the vendors that comprise its ecosystem. Continue reading Replacing Franken-Monitors and Frameworks with the Splunk Ecosystem