Security

Security focuses on end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds, the SDDC, and the secure hybrid cloud. Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

As part of Security, we follow the user through the virtual and cloud stacks until they reach the application they wish to use for retrieving the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application, while maintaining strict control of management interfaces. As such, we explore all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

agilecloud

Continuous Integration, Deployment, and Testing

agilecloudI recently gave a Bright Talk session on adding security to the Agile Cloud/DevOps Development cycle. Part of this discussion addressed adding security testing as part of the process before, during, and even after continuous deployment. In other words, if we continually deploy, we must continually test. Our testing needs to be in the multi-minded parallel process we use for modern development, not the single-minded pipeline acceptable to most DevOps or agile processes. In the past, a team of people would test, each working independently to improve our software. We need similar capabilities within our automated processes. How do we achieve this? How do we add automated, continual testing? And where can we add this to our process or pipeline?

Read More

agilecloud

Serverless: Business Plan or an Approach to Technology?

agilecloudIn a recent Twitter conversation, I asked if serverless is anything new, and if so, where are the documents expressing what is new about it. I was asked in reply if I needed a document to understand the difference between Uber and taxicabs. That got me wondering: is the serverless movement a business plan, or is it an approach to technology? If it is a business plan, then it is about how to make money; if it is an approach to technology, it is about architecture. It could also be a combination of the two. Serverless is also known as servicefull. But before we delve further, let us consider the difference between Uber and taxis.

Read More

PerformanceManagement

ITOA Types of Data

PerformanceManagementAny part of any infrastructure, application, or cloud is data. Data is used by applications, and myriad data is presented to IT organizations for their use, edification, insights, and more. But what really is this data? Can we classify the types of data in some way? Data classifications should not be just “structured” and unstructured”; they must go deeper than that. To understand how IT operations analytics (ITOA) can act on data, we first need to classify data into something we can comprehend. ITOA leads to insights that can be used to predict capacity, track applications, and tell us when we have security events.

Read More

PerformanceManagement

Cloud Monitoring

PerformanceManagementWhen we talk about monitoring for performance, security, and business rules, we often refer to monitoring of infrastructure or Platform as a Service mechanisms. But how do you monitor Software as a Service? Do you just tally the dollars spent for the service, or can you look at application performance, security issues, or even your business rules today? Or do you trust the SaaS to provide data?

Read More

Network Virtualization

NSX Release … and Availability?

Network VirtualizationVMware just released details about the latest version of NSX—6.2.2. What is interesting about this release is that it is the first that is split into tiers. The release pages are full featured, and although pricing doesn’t appear to be available yet on the website, hopefully this will be a fully public release that doesn’t require jumping through hoops to get. Since VMware acquired Nicira in 2012, the NSX product has been a bit of a dark horse, kept well stabled and not allowed out to run free. The product has been available only to selected customers and partners, presumably with high-volume sales that will support a large amount of VMware employee time in each deployment.

Read More