The countdown clock for the end of life of windows XP (the most successful operating system of all time) is running; enterprise IT is having to adjust to multiple disruptive trends that will stress it as never before, mobility, security, smart phones, tablets, BYOD, the cloud, even Apple has found a foothold in the enterprise. Budgets are tight, unemployment is high, mistakes cannot be afforded. This is the 2011 Year in Review for Desktop Virtualization.
TVP Tag Archives
Licensing: Pools and Architecture Changes?
In the past, virtualization architects and administrators were told the best way forward is to buy as much fast memory as they could afford as well as standardize on one set of boxes with as many CPUs as they dare use. With vRAM Pool licensing this type of open-ended RAM architecture will change as now I have to consider vRAM pools when I architect new cloud and virtual environments. So let’s look at this from existing virtual environments and then onto new virtual and cloud environments. How much a change will this be to how I architect things today, and how much of a change is there to my existing virtual environments? Is it a better decision to stay at vSphere 4? Or to switch hypervisors entirely?
Where are my NOC Views: Virtualization Management Vendors
As a delegate for Tech Field Day 6 in Boston, I was introduced to many third party management tools. In the past I have been given briefings as well on various VMware, Hyper-V, and Citrix Xen Management Tools as well. Many of these tools are marketed directly for use by the administrator, but they have the tools can be used by more than the administrator. These tools should be marketed to management, administrators, as well as the network operations center (NOC). We need tools that perform continual monitoring and auditing so that we can know as soon as possible when a problem occurs.
Centralized RBAC Missing from Virtualization Management Tools
As a delegate for Tech Field Day 6 in Boston, I was introduced to several virtualization and performance management tools from vKernel, NetApp, Solarwinds, Embotics, and a company still in stealth mode. With all these tools and products I noticed that each were not integrated into the roles and permissions of the underlying hypervisor management servers such as VMware vCenter, Citrix XenConsole, or Microsoft System Center. This lack of integration implies that a user with one set of authorizations just needs to switch tools to gain a greater or even lesser set of authorizations. This is not a good security posture and in fact could devolve any security to non-existent.
Security of Performance and Management tools within the Virtual Environment
The problem is that not everything is as black and white as security folks desire. If we implement performance and other management tools, we often need to expose part of our all important virtualization management network to others. But how do we do this safely, securely, with minimal impact to usability? Why do we need to this is also another question. You just have to take one look at the Virtualization ASsessment TOolkit (Vasto) to realize the importance of this security requirement. But the question still exists, how do you implement other necessary tools within your virtual environment without impacting usability?
Implementing Policy in the Virtual Environment and Cloud
When you read books on virtualization, cloud computing, security, or software product sheets a common word that shows up is Policy. Tools often claim to implement Policy, while books urge you to read or write your Policy. But what does Policy imply?
Webster (webster.com) defines policy as:
1 a : prudence or wisdom in the management of affairs b : management or procedure based primarily on material interest
2 a : a definite course or method of action selected from among alternatives and in light of given conditions to guide and determine present and future decisions b : a high-level overall plan embracing the general goals and acceptable procedures especially of a governmental body
When you read policy in product literature and books we are looking at definition number 2 and often a over b. But what does this mean to those who administer and run virtual environments or make use of cloud services?