Feeds

Assessing your server virtualisation needs

Is your IT environment ready?

  • alert
  • submit to reddit

3 Big data security analytics techniques

Lab One of the appealing things about server virtualisation is that the “table stakes” are quite low. To virtualise a server, it really is just a case of configure the server, install the appropriate software, log in and off you go – or at least, it was last time I tried.

From there it is possible to create VMs with relative ease, install operating systems and applications, and treat them pretty much as their physical equivalents. For anyone with a bit of systems management nous, one-off virtualisation is about as straightforward as IT can get.

What we have learned across the course of this lab however, is that production-scale server virtualisation is a different beast to the one-off. Virtualisation has ramifications beyond the server, both in terms of the workloads involved, and the overall IT architecture and how it is managed.

So, if virtualisation is a journey as much as a destination, what should you be thinking about before you set out?

As good a starting point as any is to see virtualisation as having an impact across the IT environment, and treating it accordingly. We don’t have a crystal ball, so we don’t know whether the majority of servers will be virtualised in two years. All the same, while virtualisation may certainly be available for purchase as a product from different vendors, it is perhaps best thought about as a feature.

From this perspective, it is as much about thinking about the IT environment as a whole and how virtualisation can fit, rather than thinking about the impact of virtualisation on specific aspects of IT. In this lab for example, we’ve covered such areas as data protection, security and availability. But in fact, these areas are as much about what virtualisation can bring to the party, as any risks inherent in virtualisation itself.

Post-winter is always a time for reflection, and as organisations review their infrastructures, questions such as, “Are your infrastructure or support operations ready for virtualisation?” or “What’s the business advantage of virtualisation?” are red herrings. A more important question is that age-old “What IT services are you trying to deliver?” coupled with “And how can they best be delivered with virtualisation as part of the mix?”

Virtualisation has a number of strengths – ease of deployment and provisioning for example, workload flexibility and scalability, increased infrastructure resilience. But you and your IT organisation will have to decide which of these qualities are important, in what proportion.

The architectural view that results from such a prioritisation exercise is fundamental to getting the best out of IT in general, and virtualisation in particular. If your organisation is highly dependent on transactional applications, you will require a certain IT environment; meanwhile, if you are a development shop, your needs will be different.

I know, it’s obvious – but the point is that without thinking about such things in advance, you may go through the painful experience acknowledged by a number of Reg readers, of thinking about virtualisation purely as a consolidation tool, and then finding out later that the servers don’t have enough RAM, or that storage has become a bottleneck, or that provisioning mechanisms are inadequate to support the proliferation and resulting sprawl of virtual machines.

This short-term, cost-saving view can also come back to bite you from the perspective of management and operations. The feedback we’ve picked up is that virtual machine management can be anything but cheap – which isn’t a problem if you are prepared to run your virtual estate in the same, non-automated way as your physical estate. But if that is the case, you will find it harder to take advantage of some of the operational benefits of virtualisation.

Most organisations will be starting down the track to virtualisation with cost savings in mind, and that’s all well and good. If we interpret the feedback from the Reg readership, there is a fork later in the road.

On one side, if you want to see virtualisation as a more strategic element of your infrastructure, you will need to make sure you see it from the perspective of the infrastructure as a whole; or you may choose to keep virtualisation as a more tactical consolidation mechanism.

The more dangerous route is where virtualisation becomes part of the environment, takes the IT department by surprise, scales up without sufficient consideration for architecture or management and causes IT services to suffer (and costs to escalate) as a result. Let’s keep our fingers crossed that only a minority of organisations find themselves on the virtualisation death march – but they will have been warned. ®

SANS - Survey on application security programs

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.