Virtualization and Cloud Advisor

Expert analysis and advice on server virtualization technologies, deployments and management.

RSS
All Posts | RSS

Our blogger: Bernard Golden is CEO of consulting firm HyperStratus, which specializes in virtualization, cloud computing and related issues. He is also the author of "Virtualization for Dummies," the best-selling book on virtualization to date.

Wed, May 07, 2008

The Problem with Bolt-On Security for Virtual Environments

By Edward L. Haletky

Keywords: Virtualization, VMware, virtual security, virtual server security, Virtual Infrastructure 3, virtual environment, VE

What's the problem with bolt-on security for virtual servers and virtual environments? Too many people forget that VMware Virtual Infrastructure 3 (VI3) is the entire virtual environment (VE). Granted the core is VMware ESX, VMware ESXi, and can include VMware Server, but it is much more than that. Let's consider the many pieces of your enterprise that must be examined as you secure virtualization.

VI3 includes VMware Clustering, and independent hosts incorporating such items as VMware Dynamic Resource Scheduling (DRS), VMware High Availability (HA), VMotion, and Storage VMotion.

Then there's the storage technology in use in your enterprise, whether it's local storage or remote storage such as iSCSI, NFS over NAS, or SAN physical devices, or the Lefthand Networks Virtual SAN Appliance. Once we discuss storage, we need to discuss how virtual machines access the storage, whether using virtual machine disk files, using raw disk maps to logical units (LUNs) presented to the virtualization host, using iSCSI initiators within the VM, accessing a NAS or SAN directly via the network, or using Fibre Channel N_Port ID Virtualization.

If a network is involved, which is almost always the case, we need to discuss the networks involved and how VMs are accessed. Are the virtual machines accessed via a DMZ? Via production, administrative, or test networks? Are the VMs communicated with using some form of special application, VPN, SSL Tunnel, RDP, Virtual Desktop Infrastructure (VDI), or the remote console over the web of the VMware Virtual Infrastructure Client?

In order to create and manage VMs, we now add into the mix the question of how you manage the entire environment, whether via something that uses the VMware SDK, VIC connected to Virtual Center, or even a single host, VMware Lab Manager, VMware Life Cycle Manager, or via the remains of the full service console.

All of this is just a brief view of what comprises the virtual environment, whether you're using technology from VMware or other vendors. Virtualization security is needed every step of the way. It is possible to bolt-on security after the environment is deployed, but that is just a stop gap solution at best. Security should be considered from the very beginning of a virtual infrastructure deployment.

Remember, virtual security applies not only to the virtual environment but also to what touches or interfaces with the environment, including firewalls, routers, gateways, intrusion detection and prevention systems (IDS/IPS), storage and switch fabrics. Included in switch fabrics are VLANs and NPIV.

Loading...
Virtualization Vendor Matrix

Find out what vendors offer the products you need.

View the Vendor Matrix »
Virtualization ABCs

Get up to speed on virtualization.

Learn More »
Virtualization MarketSpace
White Papers
Learn how to address key cloud computing challenges
Learn how your organization can face the challenges of: lack of interoperability, security, compliance and application compatibility. Learn more »
VMware: Clearing the fog, a look into the Clouds
Read about VMware's compelling vision & set of products that can help clarify all of the confusion surrounding Cloud Computing. Learn more »
Cloud Computing: A fundamentally new way to deploy IT services
Learn how the VMware vCloud initiative enables you to move to the cloud how you want, when you want, and as much as you want. Learn more »
Calculate Your Specific Potential Virtualization Savings
Discover how organizations are reducing operational costs, and improving efficiency and availability. Learn more »
Forecast: Cloud Computing Looms Big on the Horizon
Read this Executive Guide to learn more about what IT leaders are saying about "Cloud Computing". This is one time when it makes good, practical business sense to have your head in the clouds. Learn more »
 
SPONSORED LINKS
 

Developing A Dynamic, Real-Time IT Infrastructure

Mid-Sized Company CIO Community: infoBOOM!

Read about virtualization and consolidation effort best practices

Building the Virtualized Enterprise with VMware Infrastructure

8 Key Ingredients to Building an Internal Cloud

White Paper: The Building Blocks for Cloud Computing

Taking the Service Desk to the Next Level

Why Data Loss is Increasing--and What You Can Do About It

Data Loss Prevention: A Better Way to Approach Security

Learn how to managing client systems in the enterprise.

Enterprise PBX Buyer's Guide

Secondary Market Primer: Your Network at Half Price

Losing Ground: 2009 TMT Global Security Survey

Accenture IT Consulting: Logical meets technological. More . . .

Stop Application Fraud at the Source with Device Reputation

Top 10 Business and IT Drivers for the Wealth Management Sector

Oracle's Application Grid Technical Demo

Next-Generation Application Servers and Infrastructure

Application Infrastructure at Enterprise Organizations

Achieving Business Agility with Application Grid

Learn about The Information Technology Infrastructure Library.

Achieving Pervasive Performance Management

Automating the Generation and Secure Distribution of Excel Reports

Introducing the new HP ProLiant G6 server family

Accenture: Outsourcing for Competitive Advantage. More...

Cloud Computing: Read about VMware's compelling vision & set of products

White Paper: 8 Key Ingredients to Building an Internal Cloud

Learn how a virtualized enterprise can help your company reduce costs

Why Isn't Server Virtualization Saving Us More?

Bottom-Line Benefits of Virtualization

A CIO Executive Guide: Cloud Computing Looms Big on the Horizon

Seven Ways ITIL Can Help You in an Economic Downturn

Maximizing the Business Value of the PC Infrastructure

Communications and Collaboration Needs at Business Organizations

Using Open Source to Deploy Web Applications

Enterprise PBX Comparison Guide

Getting Value from Outdated Networking Equipment

Top-line Performance that's Bottom-line Efficient

Accenture: Outsourcing for uncertain times. Click to learn more.

Learn about the VMware vSphere (TM) & Intel (R) Xeon (R) Processor 5500 Series

Data Center Optimization: Three Key Strategies

Oracle WebLogic Server Technical Demo

Data Grids and Service-Oriented Architecture

Achieving the Impossible: Unlimited Application Scalability

A Middleware Foundation for Application Grid

Tips for successful virtualization management.

Smart Decisions: The Role of Key Performance Indicators

Gartner Shares Predictions for 2009

Accenture IT Consulting: Enabling high performance. More...

Top Five CIO Challenges

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords