Good Virtual Security Requires Better IT Teamwork

VM security requires expertise in OS, storage and networks, a combination that's rare even in VM administrators.

By Edward L. Haletky
Mon, June 30, 2008

CIOVirtualization security is not just about securing the virtual network, nor is it just about securing the virtualization server operating system.

It is about realizing that a virtualization server is a hybrid device, whether it be VMware Virtual Infrastructure 3, VMware Server, VMware Workstation, Citrix XenServer or Microsoft Hyper-V.

Virtualization servers are a mix of a hypervisor device (OS), a networking device (bridge or switch) and a storage interface.

Currently, security folks know how to harden an OS and/or they know how to protect a network bridge or switch appliance. Few know how to do both simultaneously, or how to deal with the hpervisor as a complicating factor.

Do you need a high priced virtualization security expert to do this? These experts are few and far between and you probably don't need them. What you do need is the ability to pool all your security expertise in one group and educate them on the realities of virtualization. You need to remove the barriers and fiefdoms that spring up around IT and let these folks work together.

There is often a combative and not synergistic approach when groups deal with virtualization administrators.

For example, it can be tough getting storage teams to properly layout the LUNs (logical unit numbers) involved with virtualization servers; getting network administrators to set network speeds and configure ports for virtual-server hosts, or even getting OS security administrators to understand what tools they actually need instead of requesting unnecessary access and applications.

The combative nature that prevents this kind of cooperation often stems from not only organizational issues, but also the need for a virtualization administrator to act as an administrator for storage, security and networks.

Since a virtualization server covers all three areas, virtual-server administrators need to fully understand all three, or have the help of teams from storage, security, network, and operations. While it may be possible for one person to learn everything in these arenas, it is better to utilize the existing expertise.

The answer to fixing this IT staff problem: Educate all IT teams in the realities of virtualization. Virtualization is here to stay; it is not a fad; it is a reality. Whether this is by purchasing virtualization books for your IT teams, or by providing training for your team members, somehow all teams need to speak the same language, and this includes the virtualization administrator.

The virtualization administrator is the glue that makes it all possible, so he or she also needs education in order to speak the language used by the other teams. Otherwise, you get the 'You do not know what you are talking about' approach to teamwork.

Continue Reading

White Papers »
Forrester Total Economic Impact (TEI) Case Study - Oracle
In this paper, Forrester Consulting examines the total economic impact and potential return on investment (ROI) realized by three Enterprise organizations as they virtualized mission-critical Oracle databases on the VMware vSphere platform. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of VMware vSphere on their organizations.
Top 10 Myths About Virtualizing Business-Critical Applications
Even though virtualization has brought positive change to enterprise IT over the last decade, some skepticism remains about how valuable virtualization can be in the way companies deliver and run business applications. Uncover the truth about how you can run your business critical applications with confi dence without sacrifi cing
availability or service quality-and at lower costs.
The Hidden Truth About Virtualizing Business-Critical Applications
This IDG whitepaper highlights key findings based on the Quickpoll Survey conducted with more than 300 Enterprise and Commercial IT decision makers worldwide about the state of their virtualization of business critical applications. This paper answers such questions as: What drivers are pushing companies to extend virtualization beyond servers? and What value are they realizing? Central to the paper are key results that expose risks of the past (fears of limited ISV support, performance impact) no longer are a factor for companies moving to 80+% virtualized.
Indiana University Virtualizes Mission-Critical Oracle Databases
The Kelley School of Business at Indiana University deployed VMware Infrastructure which decreases costs, streamlines server deployment, and reduces energy consumption.
Virtual Infrastructure Yields Real TCO and ROI Advantages
New study quantifies how VMware improved TCO and ROI for three companies' IT landscapes.
Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud  
This IDC white paper explains how much of the Enterprise IT community is at a crossroads in extending their journey to the private cloud: Companies must virtualize their business critical applications in order to reap the benefits of cloud computing. The paper also includes two case studies and a sidebar highlighting the experiences of three enterprises with virtualizing their business-critical applications, which include Oracle and Microsoft SQL databases, SAP and enterprise Java, and a Microsoft Exchange email system.
Webcasts »
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Virtualizing Microsoft and Oracle on VMware vSphere: Benefits and Best Practices
Virtualizing business-critical applications is an essential step in your journey to the cloud. Microsoft SQL Server, Exchange and SharePoint, and Oracle applications, are often the backbone of business IT. The benefits of virtualizing these applications extend far beyond mere consolidation. Understanding how VMware improves quality of service and agility while reducing costs will help you make the case for taking virtualization to the next level in your company.
Virtualize Business-Critical Applications with Confidence
Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere® 5, VMware is helping customers accelerate the deployment of business-critical applications, including Exchange, SQL, SAP and Oracle.
Discover the Benefits of Virtualization for Federal Applications
Want to say goodbye to missed SLAs? VMware can help you virtualize mission-critical applications such as Oracle, MS Exchange and SharePoint to achieve dramatic improvements in uptime, performance and responsiveness. In this webcast, we'll discuss the key benefits of virtualizing your agency's most critical applications and Oracle databases as a necessary first step in fulfilling OMB's mandate to move IT services to the cloud. With VMware, you'll be on the way to quick, effective and full compliance.
Virtual Desktop Solutions in the Federal Government
Federal IT managers are on the forefront of realizing the benefits that a secure, easy-to-manage virtual desktop environment can provide. The key is how to deliver the end-user experience that is comparable to a physical desktop. This webcast will show how the recently released VMware View 5 environment is being used to deploy virtual desktops to provide mission-critical solutions around Disaster Recover/COOP, telework and secure mobile applications to federal organizations. View this webcast and learn how new features and benefits of the VMware View 5 environment meet the needs of Federal customers
Introduction to Virtualization
This video webcast is designed to help those with little to no virtualization experience understand why virtualization and VMware are so important to driving down both capital and operational costs. The session will start with the introduction of the key concepts and technologies of virtualization, introduce the vSphere Hypervisor, and build up to an overview of VMware vSphere® 5, the world's most robust and complete virtualization platform. This session will also discuss new solutions such as the vSphere Storage Appliance and VMware GO that are making it easier than ever before to get started with virtualization.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Forrester Total Economic Impact (TEI) Case Study - Oracle

Top 10 Myths About Virtualizing Business-Critical Applications

The Hidden Truth About Virtualizing Business-Critical Applications

Indiana University Virtualizes Mission-Critical Oracle Databases

Virtual Infrastructure Yields Real TCO and ROI Advantages

Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud  

Essential Deployment Tips: Oracle Databases on VMware vSphere 4  

ESG Analyst Whitepaper - Virtualization Management Critical to Achieving Scale and Efficiency

Desktop Modernization eBook

10 Reasons to Modernize the Desktop: CIO

NetApp, VMware, Cisco, Wyse, Fujitsu 50,000 Seat VMware View deployment

ESG Analyst White Paper - Benefiting from Server Virtualization: Beyond Initial Workload Consolidation  

Centralized Virtual Desktop Eases PC Procurement, Deployment, and Management

The Evolution of Virtualized Desktops

VBlock Fastpath Desktop Virtualization Platform

Solving Critical Challenges of the Virtualized Data Center

Virtual Patching with Network Security

Free Your Time! How Automated IPAM saves time with your company's virtualization, mobility and IPv6 challenges

Virtualization reduces costs and complexity for mid-sized businesses

A Comparison of PowerVM and Vmware Virtualization Performance
Resource Center
buy a link »
Ads by TechWords