Click here to close now.

Welcome!

Cloud Expo Authors: VictorOps Blog, Michael Jannery, XebiaLabs Blog, Elizabeth White, Pat Romanski

Related Topics: Web 2.0, Virtualization

Web 2.0: Article

Virtualization Security: VMware Crosses the Rubicon

Will The Netsec Industry Finally Wake Up to the Potential of Virtsec?

While the press and blogs are buzzing about cloud computing, VMware has made probably one of the most significant cloud-related announcements ever made; and with : vShield Zones has added even more distance between rivals when it comes to data center and cloud security.

Last year at VMworld in Cannes, VMware announced the VMsafe VMware security partner ecosystem. The virtualization security "industry" had been notably silent (other than a colorful row between security blogger/expert Chris Hoff and Citrix CTO Simon Crosby) for the rest of 2008. Virtualization expert Rich Miller even mentioned the sound of security silence at VMworld Las Vegas in September:

The theme I noted most at VMworld 2007 a year ago was "security."  This year, it seemed noticeably absent.  My sense is that the industry has yet to catch up and capitalize on VMsafe. Because all of the "next generation" of offerings from VMware and the independent providers are still in development, no one made too much of security issues.

The contrast between the Cannes security ecosystem exuberance and VMware crossing the Rubicon at VMworld Cannes 2009 marked a stunning and much needed shift in the virtualization space. It was the first serious step by any vendor towards a real solution for securing the cloud and moving data center virtualization deployments from virtualization-lite (hypervisor VLANs) to "rack and stack" cloud environments.

While Microsoft and Citrix make price adjustments VMware launches genuine innovation that could significantly change the economics of IT in production environments. Security is a critical differentiator when it comes to deploying virtualization in production data centers and creating cloud environments.

This move is not without risk, as VMware had invested great effort in lining up a security partner ecosystem which was kicked off the year before in Cannes, which I celebrated via an interview with Tarry Singh during my recent tenure at Blue Lane (which was acquired by VMware in 2008).

If the Blue Lane acquisition didn't send a chill down the spine of the network security industry, this announcement should. It signals a new era in security introduced, ironically, by a virtualization vendor. Despite the virtsec exuberance and optimism introduced by the new and novel security requirements, much of the network security industry was caught flat-footed. And that still seems to be the case.

Gartner VP Neil MacDonald summed it up with his recent blog about the traditional security vendors:

Many are clinging to business models based on their overpriced hardware-based solutions and not offering virtualized versions of their solutions. They are afraid of the inevitable disruption (and potential cannibalization) that virtualization will create.

The writing is on the wall for network security vendors who have elected to wait and see if the "cloud computing hype" is just a passing fad or are clinging to obsolete technology or business models. The vShield announcement could also a double-edged sword for the virtsec startup vendors: 1) who could be more isolated than ever from the virtsec momentum within VMware and yet 2) possibly more strategic now that VMware has played a real security card in the marketing battle.

With the VMware vShield Zones announcement, any vendor who thinks that virtualization and security are two separate and distinct matters is headed for the distinctive Club Maginot school of static security expertise. They are about to relive the fates of French officers watching German planes fly over the massive, integrated and ambitious French defense investment at one of its strongest points (in Belgium). The wall was designed for WW1 and was partly responsible for a rapid German conquest of France in early WW2.

Virtualization and cloud are introducing new demands on security, because they are introducing new, unprecedented levels of mobility and automation for systems and endpoints. The economic payoffs are so promising that cloud promises to have a substantial impact on the computing era. The question is, are those who think in terms of static networks (whether they are security or network vendors or pros) fully prepared for the requirements of Infrastructure 2.0?

Yet the increased velocity of change is also making the network itself more strategic and yet more challenged. This collision between automated systems and manually managed networks will produce significant opportunities for networking vendors and professionals who understand the power and opportunity of automation; and significant risks for those still riding the "kludge train" of manual reactions to the automation revolution now proliferating within the bowels of IT.

I am a senior director at Infoblox. You can follow my comments in real time at www.twitter.com/archimedius.

 

More Stories By Greg Ness

Greg Ness is a Silicon Valley marketing veteran with background in networking, security, virtualization and cloud computing. He is VP Marketing at CloudVelocity. Formerly at Vantage Data Centers, Infoblox, Blue Lane Technologies, Juniper Networks, Redline Networks, McAfee, IntruVerofficer at Networks and ShoreTel. He is one of the world's top cloud bloggers.

@CloudExpo Stories
We certainly live in interesting technological times. And no more interesting than the current competing IoT standards for connectivity. Various standards bodies, approaches, and ecosystems are vying for mindshare and positioning for a competitive edge. It is clear that when the dust settles, we will have new protocols, evolved protocols, that will change the way we interact with devices and infrastructure. We will also have evolved web protocols, like HTTP/2, that will be changing the very core...
Skytap Inc., has appointed David Frost as vice president of professional services. David joins Skytap from Deloitte Consulting where he served as Managing Director leading SAP, Cloud, and Advanced Technology Services. At Skytap, David will head the company's professional services organization, and spearhead a new consulting practice that will guide IT organizations through the adoption of DevOps best practices. David's appointment comes on the heels of Skytap's recent $35 million Series D fundin...
Operational Hadoop and the Lambda Architecture for Streaming Data Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing...
SYS-CON Events announced today that Vitria Technology, Inc. will exhibit at SYS-CON’s @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Vitria will showcase the company’s new IoT Analytics Platform through live demonstrations at booth #330. Vitria’s IoT Analytics Platform, fully integrated and powered by an operational intelligence engine, enables customers to rapidly build and operationalize advanced analytics to deliver timely business outcomes ...
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile ...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, it is now feasible to create a rich desktop and tuned mobile experience with a single codebase, without compromising performance or usability.
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures...
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, will explain the best practices of continuous testing at high scale, which is r...
Docker has acquired software-defined networking (SDN) startup SocketPlane. SocketPlane, which was founded in Q4, 2014, with a vision of delivering Docker-native networking, has been an active participant in shaping the initial efforts around Docker’s open API for networking. The explicit focus of the SocketPlane team within Docker will be on collaborating with the partner community to complete a rich set of networking APIs that addresses the needs of application developers and network and system...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect at GE, and Ibrahim Gokcen, who leads GE's advanced IoT analytics, focused on the Internet of Things / Industrial Internet and how to make it operational for business end-users. Learn about the challenges posed by machine and sensor data and how to marry it with enterprise data. They also discussed the tips and tricks to provide the Industrial Internet as an end-user consumable service using Big Data Analytics and Industrial C...
Performance is the intersection of power, agility, control, and choice. If you value performance, and more specifically consistent performance, you need to look beyond simple virtualized compute. Many factors need to be considered to create a truly performant environment. In his General Session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, discussed how to take advantage of a multitude of compute options and platform features to make cloud the cornerstone of your onlin...
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
JFrog on Thursday announced that it has added Docker support to Bintray, its distribution-as-a-service (DaaS) platform. When combined with JFrog’s Artifactory binary repository management system, organizations can now manage Docker images with an end-to-end solution that supports all technologies. The new version of Bintray allows organizations to create an unlimited number of private Docker repositories, and through the use of fast Akamai content delivery networks (CDNs), it decreases the dow...
Platform-as-a-Service (PaaS) is a technology designed to make DevOps easier and allow developers to focus on application development. The PaaS takes care of provisioning, scaling, HA, and other cloud management aspects. Apache Stratos is a PaaS codebase developed in Apache and designed to create a highly productive developer environment while also supporting powerful deployment options. Integration with the Docker platform, CoreOS Linux distribution, and Kubernetes container management system ...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
SYS-CON Media announced that IBM, which offers the world’s deepest portfolio of technologies and expertise that are transforming the future of work, has launched ad campaigns on SYS-CON’s numerous online magazines such as Cloud Computing Journal, Virtualization Journal, SOA World Magazine, and IoT Journal. IBM’s campaigns focus on vendors in the technology marketplace, the future of testing, Big Data and analytics, and mobile platforms.
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, will answer that question citing examples, showing how to create opportunities f...
IBM has announced that SoftLayer will offer OpenPOWER-based servers as part of its portfolio of cloud-based services. With the new offering, clients will be able to select OpenPOWER-based “bare metal” servers when configuring their cloud-based IT infrastructure from SoftLayer, an IBM company. Leveraging the OpenPOWER Foundation design concept, the servers were developed to help clients better manage data-intensive workloads on public and private clouds. Increasingly cloud technologies, bot...
Red Hat has launched the Red Hat Cloud Innovation Practice, a new global team of experts that will assist companies with more quickly on-ramping to the cloud. They will do this by providing solutions and services such as validated designs with reference architectures and agile methodology consulting, training, and support. The Red Hat Cloud Innovation Practice is born out of the integration of technology and engineering expertise gained through the company’s 2014 acquisitions of leading Ceph s...