Posts Tagged ‘virtual machines’

CIOs Need To Realize That Virtualization Isn’t All That It’s Cracked Up To Be

Wednesday, August 3rd, 2011
Image Credit Sure Virtualization Seems Neat In The Beginning, But…

Sure Virtualization Seems Neat In The Beginning, But…

To read the IT trade journals or speak with CIOs you’d think that we’ve all found the magic silver bullet that IT’s been looking for during the past few years: server virtualization. The ability to mash together a bunch of different expensive individual servers and shrink the company’s IT footprint down by a factor of 5x while reducing power and cooling costs at the same time sure seems to be a miracle cure for IT budget problems. Guess what: this isn’t Hogwarts and you’re not Harry Potter. Virtualization has its own set of problems and we need to have a talk…

What Is Virtualization?

So first off, let’s make sure that we’re all on the same page here with our understanding of just exactly what this virtualization thing is. In the past, IT departments used to set up a new server for each new application that they wanted to deploy. This resulted in the IT department having to maintain farms of servers that were all horribly underutilized.

The arrival of virtualization software changed everything. This low level software allowed multiple applications to run on the same physical hardware but believe that they had the box all to themselves. Now you could combine multiple individual servers into a single physical box. Things like what operating system an application used no longer mattered – you could mix and match to your heart’s content.

Problem: Virtual Machine Sprawl

Evangelos Kotsovinos has taken a close look at just exactly what it means to introduce lots of virtual machines into a company’s IT infrastructure. What he’s found is that although CIOs might think that this changes everything, it doesn’t.

It turns out that managing a virtual machine (VM) takes roughly the same amount of effort that managing a real box does. When you couple this with the fact that it has become so easy to set up new VMs, what you’re seeing is unconstrained virtual machine sprawl.

IT departments are struggling to keep up with more and more VMs as staff set them up and then forget about them. Every IT department now needs to come up with a VM reclamation solution.

Problem: Scaling

The very newness of VMs is causing IT departments to encounter a whole new set of management headaches. In the old days, IT departments had developed the tools and processes that they needed in order to deal with building large groups of new servers or handling a planned data center maintenance activity.

The arrival of VMs has upset this carefully established way of doing things. The problem is that often the VM management tools aren’t able to scale up to the size of enterprise operations. This leaves IT departments struggling to find ways to manage the beast that they have created.

Problem: Troubleshooting

There’s something deeply satisfying about tackling a system problem when you have the physical box in front of you. You know that you can always reach out and swap out various components if you have to. The same is not true when you’ve virtualized all of your servers.

Kotsovinos points out that a VM is really a collection of interconnected physical subsystems: server, storage, and network. When you are dealing with a system problem, like a slowdown, it’s going to require a whole new set of skills to track down what’s really going on. Additionally, virtualization is so new that often the right tools to do this type of trouble shooting may not exist yet.

Problem: Silos

Think about how your IT department is set up today. Generally we draw lines between various disciplines based on what they do: the Unix team, the Windows team, the storage guys, the network guys, etc. The arrival of virtualization in the data center is going to screw all of this up.

The reason that virtualization can cause such a disruption is because issues that have to do with the VMs more often than not involve all of the various disciplines. No longer will the storage team be able to just focus on storage issues. Instead, they are going to have to work together with several other teams in order to try to solve complex problems.

What All Of This Means For You

Server virtualization is a fantastic discovery. However, CIOs need to realize that it’s not going to make all of their problems go away.

Instead, virtualization is going to end up replacing one set of problems with another. These will include potentially unchecked virtual machine sprawl, scaling issues, more challenging troubleshooting, and a breakdown in the IT silo structure.

Face it, virtualization is going to take over both the IT back office and probably the IT front office eventually. CIOs need to understand that as this occurs, we’re all going to have to adjust how the IT department is run in order to meet the new set of demands that virtualization is going to put on us…

- Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: What do you think is the best way to keep virtual machine sprawl from getting out of hand?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

Let’s face it, CIOs just like everyone else are currently being overwhelmed with too much information on a daily basis. Things were bad a few years ago, but with the arrival of blogs, wikis, Internet video and smartphones, there just doesn’t seem to be any way for us to keep up. That’s why more and more CIOs are turning to simulations in order to visually present large amounts of information in a way that we can absorb it. However, it turns out that our simulations just might be lying to us…

Tags: , , , , , , , , , , , , , ,
Posted in virtualization | 2 Comments »

The Machines May Be Virtual, But The Security Problem Is Real

Monday, October 26th, 2009

Photo CreditVirtual Machines Pose Real Security Threats

Virtual Machines Pose Real Security Threats

When you become CIO, you already know that IT security is going to be one of your biggest and least rewarding challenges. If you do a great job at it, then nobody will ever know and you’ll get no credit for it. If you do a poor job, then everyone will know and you’ll get all the blame. That just goes with the CIO job.

In the future, CIOs are going to have a whole new set of security issues that come along with the popularity of virtual machines. The rules for how best to secure these boxes that really aren’t boxes have not been established yet. What can you do to make yourself ready to take on this new challenge?

Just What Is A Virtual Machine?

Before we dive in and start talking about security, let’s make sure that we’re all onboard when it comes to just exactly what a virtual machine is. Awhile back, some very smart folks (a lot of who happened to work at a company called Vmware) realized that most companies were deploying one application per server in their data centers. One for email, one for web hosting, etc.

It turns out that as servers got more powerful, this was incredibly ineffective – most of the server’s processing power was not being used. The smart people created what they called a virtual machine (or VM) – software that sat on the server between the actual server hardware and the operating system that was running on the server. You can sorta think of it as a lower level operating system

Once this VM was in place, they discovered that they could run multiple operating systems (and then of course multiple applications on top of those operating systems) on each individual server. When they did this everything was isolated – if one operating system crashed, it didn’t interfere with the other operating systems / applications running on the same box.

As you can well imagine, this has turned out to be an incredibly popular way to reduce the number of servers that have to be deployed and maintained within a data center. However, it has also opened the door to some nasty security problems…

The Problem With Virtualization Security

Oh sure, you THINK that you know how to secure a data center – lock down all of the network ports going in and out, and then take steps to make sure that you know which staff are allowed to enter and leave. Oh oh, when your servers stop being real physical boxes and start to become virtual images, now you’ve going to have a whole new set of problems to deal with.

Cameron Sturdevant has been looking into just how we can go about securing the brave new future of virtual machines and he’s uncovered ten new issues that you are going to have to be able to deal with:

  1. Moving Too Fast: since virtual machines can be set up and put into operation much quicker than a real server can, you’re going to have to set up some sort of review process in order to keep things under control.
  2. Redefine Your Boundaries: it used to be simple to be able to keep the important things inside the data center and the threats outside when everything needed a physical box. Now that things are going virtual, these boundaries are getting more murky and you will have to spend the time to redraw them.
  3. Killed By Quantity: since it’s so easy to set up a new virtual machine, you’re going to be facing an explosion of them. This means that you’re going to have to establish a policy to determine when a new virtual machine needs to be deployed and when it needs to be turned off.
  4. Moving Day Is Everyday: since virtual machines can easily move from box to box, you’re going to have to lay down the law in order to make sure that the new server has the appropriate security policies in place in order to support the applications that will be running on it.
  5. Not The Same As The Old Boss: both the tools and the policies that used to work in the world of “real” servers won’t necessarily work in the new world of virtual servers. You’re going to have to find / make new ones.
  6. Virtual Tools: in order to police your virtual machines, you are going to want your security tools to run on virtual machines also – makes sense, doesn’t it?
  7. Cutting Costs: how many CPU cycles your virtual security tools take up will be a huge deal very quickly. The rule of thumb is for them to take less than 2-3% of the CPU’s cycles.
  8. Policy Update Time: not only will you need fancy new tools, but you are also going to need to update your staff on just how one goes about securing virtual boxes. Can you say special training?
  9. Where To Focus?: the experts suggest that you spend your time securing both the virtual machine and its applications and don’t worry so much about the underlying virtual machines. The thinking is that virtual machines are by design isolated from everything else so they are more secure.
  10. Get Some Relief: look for virtual machine management tools that will allow your staff to automate the processes of configuring and deploying virtual machines as much as possible in order to minimize security slipups.

Final Thoughts

Like it or not, when you become CIO you’re going to be living in a virtual world. All of the clever security tools and policies that we’ve created in an attempt to secure the world of physical servers that we now live in are not going to work in the future.

Your challenge will be to find ways to secure the virtual data center while at the same time keeping your IT staff’s workload at a manageable level. The good news is that this can be done, the bad news is that you’re going to be in uncharted territory. Good luck future CIO…!

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

What We’ll Be Talking About Next Time

Everybody wants their IT services for free. When you become the CIO, you’ve got to find an answer to the ugly question of just who’s going to pay you for all of those fancy IT services that your department can provide.

Tags: , , , , , , , , ,
Posted in security | No Comments »