Virtualization.com

News and insights from the vibrant world of virtualization and cloud computing

Featured

A Round Table on Virtualization Security with Industry Experts

July 30, 2008 by Kris Buytaert 3 Comments

Virtualization security or ‘virtsec’ is one of the hottest topics in virtualization town. But do we need another abbreviation on our streets? Does virtualization require its own security approach and how would it be different from the physical world?

Different opinions fly around in the blogosphere and among vendors. Some security experts claim there is nothing new under the sun and the VirtSec people are just trying to sell products based on the Virtualization Hype. Some see a genuine need to secure new elements in the infrastructure, others claim that Virtualization allows new capabilities to raise security from the ground up and cynics claim it is just a way for the Virtualization industry to get a larger piece from the security budget.

So our editors Tarry and Kris set out to clarify the different opinions. With the support of StackSafe, they organized a conference call with some of the most prominent bloggers, industry analysts and vendors in this emerging field.

On the call were Joe Pendry (Director of Marketing at StackSafe), Kris Buytaert (Principal Consultant at Inuits), Tarry Singh (Industry/Market Analyst, Founder & CEO of Avastu), Andreas Antonopoulos (SVP & Founding Partner at Nemertes Research), Allwyn Sequeira (SVP & CTO at Blue Lane), Michael Berman (CTO at Catbird), Chris Hoff (Chief Security Architect – Systems & Technology Division and Blogger at Unisys) and Hezi Moore (President, Founder & CTO at Reflex Security).

During our initial chats with different security experts their question was simple: “what does virtsec mean?”. Depending on our proposed definition, opinions varied.

So obviously the first topic for discussion was the definition of VirtSec:

Allwyn Sequeira from Blue Lane kicked off the discussion by telling us that he defined VirtSec as “Anything that is not host security or that’s not network-based security. If there’s a gap there, I believe that gap – in the context of virtualization – would fall under the realm of virtualization security.” He went on to ask who is in charge of inter-VM communication security, and how features such as Virtual Machine Migration and Snapshotting add a different complexity to today’s infrastructure.

Andreas Antonopoulos of Nemertes Research takes a different approach and has two ways of looking at VirtSec: “How do you secure a virtualized environment” and, in his opinion the more interesting question, “How do you virtualize all of the security infrastructure in an organization”. Andreas also wonders what to call the new developments: “What do you call something that inspects memory inside of VM and inspects traffic and correlates the results? We don’t really have a definition for that today, because it was impossible, so we never considered it.” He expects virtualization to change the security landscape: “Just like virtualization has blurred the line between physical server, virtual server, network and various other aspects of IT, I see blurring the lines within security very much and transforming the entire industry.”

Hezi Moore from Reflex Security wants to search for actual problems. He wants to know what changed since we started virtualizing our infrastructures. “A lot of the challenges that we faced before we virtualized; are still being faced after we virtualized. But a lot of them got really intensified, got much more in higher rate and much more serious.”

Michael Berman from Catbird thinks the biggest role of VirtSec is still education: “..and the interesting thing I find is the one thing we all know that never changes is human nature.” He is afraid that virtualization is changing the way systems are deployed with no eye on security. Virtualization has made it a lot easier to bypass the security officers and the auditors. The speed at which one can deploy a virtual instance, and the larger number of them that can be deployed, has changed drastically compared to a physical-only environment, and security policies and procedures have yet to catch up. “We can have an argument whether the vendors are responsible for security, whether the hypervisors about who attack servers. The big deal here is the human factor.”

Chris Hoff summarizes the different interpretations of VirtSec in three bullets:

  • One, there is security in virtualization, which is really talking about the underlying platforms, the hypervisors. The answer there is a basic level of trust in your vendors. The same we do with operating systems, and we all know how well that works out.
  • Number two is virtualized security, which is really ‘operationalization’, which is really how we actually go ahead and take policies and deploy them.
  • The third one is really gaining security through virtualization, which is another point.

Over the past decade different Virtualization threats have surfaced, some with more truth than others. About a decade ago when Sun introduced their E10K system, they were boasting they really had 100% isolation between guest and host OS. But malicious minds figured out how to abuse the management framework to go from one partition to another. Joanna Rutkowska’s “Blue Pill” Vulnerability Theory turned out to be more of a myth than an actual danger. But what is the VirtSec industry really worried about?

It seems the market is not worried about these kinds of exploits yet. They are more worried about the total lack of security awareness. Andreas Antonopoulos summarizes this quite well: “I don’t see much point in really thinking too much about five steps ahead, worrying about VM Escape, worrying about hypervisor security, etc. when we’re running Windows on top of these systems and they’re sitting there naked”.

Allwyn from Blue Lane, however, thinks this is an issue, certainly with Cloud Computing becoming more popular. We suggest thinking seriously about how to tackle deployment of Virtual Machines in environments we don’t fully control. The Virtual Service Providers will have to provide us with a secure way to manage our platforms, and enough of a guarantee that, when multiple services are deployed, they can communicate in a secured and isolated fashion.

Other people think we first have to focus on the Human Factor: we still aren’t paying enough attention to security in the physical infrastructure, so we had better focus on the easy-to-implement solutions that are available today rather than worry about exploits that might or might not occur one day.

Michael Berman from Catbird thinks that Virtualization vendors are responsible for protecting the security of their guests. A memory breakout seems inevitable, but we need to focus on the basic problems before tackling the more esoteric issues. He is worried about scenarios where old NT setups or other insecure platforms are being migrated from one part of the network to another, and what damage can occur from such events.

Part of the discussion was about standardization, and whether standardization could help in the security arena. Chris Hoff reasons that today we see mostly server virtualization, but there is much more to come: client virtualization, network virtualization, etc. As he says: “I don’t think there will be one ring zero to rule them all.” More and more vendors are joining the market: VMware, Oracle, Citrix, Cisco, Qumranet and various others have different Virtualization platforms, and some vendors have based their products on top of them.

In the security industry, standardization has typically been looked at as a bad thing: the more identical platforms you have, the easier it is for an attacker, because if he breaks one, he has similar access to the others. Building a multi-vendor or multi-technology security infrastructure is common practice.

Another important change is the shift of responsibilities. Traditionally you had the Systems people and the Network people, and with some luck an isolated security role. Today the Systems people are deploying virtual machines at a much higher rate, and because of Virtualization they take charge of part of the network, giving the Network people less control and the security folks less visibility.

Allwyn Sequeira from Blue Lane thinks the future will bring us streams of Virtualization Security: the organizations with legacy will go for good VLAN segmentation and some tricks left and right, because the way they use Virtualization blocks them from doing otherwise. He thinks the real innovation will come from people who can start with an empty drawing board.

Andreas Antonopoulos from Nemertes Research summarized that we all agree that the Virtualization companies have a responsibility to secure their hypervisor. There is a lot of work to be done in taking responsibility so that we can implement at least basic security. The next step is to get security on to the management dashboard, because if the platform is secure but the management layer is a wide open goal, we haven’t gained anything.

Most security experts we talked to still prefer to virtualize their current security infrastructure over the products that focus on securing virtualization. There is a thin line between needing a product that secures a virtual platform and changing your architecture and best practices so that a regular security product fits in a Virtualized environment.

But all parties seem to agree that much of the need for VirtSec comes from changing scale, and no matter what tools you throw at it, it’s still a people problem.

The whole VirtSec discussion has just started; it’s obvious that there will be a lot of work to be done and new evolutions will pop up left and right. I’m looking forward to that future. So as Chris Hoff said, “Security is like bell bottoms, every 10-15 years or so it comes back in style”, this time with a Virtualization sauce.

Listen to the full audio of the conference call!

Filed Under: Featured, Guest Posts, Interviews, People Tagged With: Allwyn Sequeira, Andreas Antonopoulos, Avastu, Blue Lane, Catbird, Chris Hoff, conference call, Hezi Moore, interview, Inuits, Joe Pendry, Kris Buytaert, Michael Berman, Nemertes Research, Reflex Security, round table, StackSafe, Tarry Singh, Unisys, virtsec, virtualisation, virtualization, virtualization security

Double-Take Software Picks Up emBoot for $10 Million in Cash

July 30, 2008 by Robin Wauters 1 Comment

Double-Take Software announced (PDF) today the acquisition of emBoot, experts in network booting technology. emBoot network boot technologies allow organizations to easily assign and re-assign computing workloads to any available Windows or Linux physical servers or desktops or any virtual machine in their environment.

The acquisition follows Double-Take Software’s development of full system protection and recovery technologies as well as the acquisition of CDP recovery with TimeData as key components of the company’s Dynamic Infrastructure Strategy that aims to optimize, protect, monitor and recover workloads on any resource, anywhere and to any point in time.

The technology acquired with emBoot allows separation of the operating system, applications and data associated with a workload from the hardware it runs on. IT organizations can now move those workloads around in a matter of minutes whether it is because a disaster has occurred, a data center is moving, the company has decided to virtualize its infrastructure or an application needs more capacity.

Moving entire workloads around independent of the underlying physical or virtual hardware they are running on has been painfully complex and time consuming for IT administrators. By storing workloads on networked storage resources and making them available to physical and virtual servers on-demand, Double-Take’s new solutions now make it easy for IT administrators to move critical applications and data according to their value and desired service level agreements and to optimize the use of test, production and disaster recovery computing resources.

emBoot’s technology is based on the growing iSCSI storage standard (Internet Small Computer System Interface). Double-Take’s new offering will provide two key capabilities for customers in support of movement to more dynamic IT infrastructures:

  • Using any iSCSI compliant storage solution, those customers will be able to create bootable images of their production workloads and use a centralized workload management console to assign those workloads to any available physical or virtual machines in their environment.
  • Optionally, companies will be able to build a software-based iSCSI Storage Area Network (SAN) using standard server hardware and storage using included iSCSI Target software.

IT professionals will be able to quickly create an IP SAN in minutes using commodity server hardware and disks they may already have. The iSCSI-based network booting features will make it easy to migrate workloads to new hardware, to virtual machines or back based on changing demands.

The company acquired emBoot for a total cash purchase price of $10 million.

Double-Take Software

[Source: Hypervoria]

Filed Under: Acquisitions, Featured Tagged With: acquisition, Double-Take, Double-Take Software, emBoot, network boot, virtualisation, virtualization

Amazon Loves CloudStatus, And We’ve Got The Proof on Video

July 29, 2008 by Toon Vanagt 2 Comments

At the O’Reilly Velocity conference we attended last month, Hyperic was there to hype the launch of CloudStatus, which aspires to become the monitoring tool for cloud providers similar to what Netcraft is for ‘classic’ hosting providers. Get the lowdown on Hyperic and CloudStatus in this video (two parts) from Jon Travis (Principal Engineer) and Xavier Soltero (co-founder and CEO).

See part 1 of the movie here on Vimeo, but scroll down for the best part!

As we are living in the ice age of cloud computing, glitches (like the recent outage of Amazon S3) are to be expected, and it must be said that Amazon managed to fix its ecosystem relatively fast and openly reported on the underlying problem.

An interesting question is posted by Reuven Cohen on his blog about the use of federated network protocols within cloud services and the gossip protocol that caused Amazon’s WS downtime on June 24.

“…We have been big fans of use of XMPP for federated communications within our Enomalism cloud platform for multi cloud communications (Wide Area Cloud). XMPP is interesting because it natively solves a number of federation problems within a tried and tested framework. One of the biggest benefits to the use of a gossip protocol lies in the robust spread of information and the exponential nature of its sharing of information within a large number of machines…”

At Virtualization.com, we intend to report on cloud initiatives too, since all these Platform-as-a-Service providers (Google App Engine being the exception to this rule) are enabled by virtualization technology. We expect to see several more competitive statistical analysis tools for various cloud service providers emerge in the near future. With Amazon Web Services (AWS) blazing the cloud trail, Hyperic picked them to start reporting on via CloudStatus. But Google App Engine and (Sales)force.com seem to be the target platforms to follow. So Amazon’s trouble with being first is that they are first in line to be publicly reported on too. This also means the PR and sales people at CloudStatus have a busy time issuing press releases and contacting impacted prospects whenever Amazon experiences a glitch or failure.

Stacey Higginbotham at GigaOm voiced the common fear that:

“… Amazon or another cloud provider could shut the service down, either by offering their own status service or by stopping the Hyperic agent. Given the rush to provide dashboards, application-testing products and other services on top of established computing services, I’m eager to see how startups keep their footing in the clouds.”

Being curious and knowing Amazon only speaks through CEO Jeff Bezos or CTO Werner Vogels, we walked up to the latter and were happy to learn Amazon actually loves CloudStatus. He took a step back right afterwards, but why not just watch the video to see his response to the CloudStatus launch?


Amazon AWS Loves CloudStatus.com, Here’s The Proof (Hyperic Video 2/2) from Toon Vanagt on Vimeo.

On a sidenote: Hyperic’s newly launched CloudStatus detected the outage at 8:45am PDT, a full 20 minutes before Amazon posted that they were aware of the issue, at 9:05 PDT on http://status.aws.amazon.com/. CloudStatus saw several server errors coming from the majority of their S3 and SQS monitoring agents, in addition to other problems with EC2 (lots of EC2 zombies being created) that may have been related.

Like hurricane warning systems, while Hyperic CloudStatus could not have prevented the S3 outage, it was able to provide enough of a “storm” warning for users to take action. The company will be adding additional cloud services to CloudStatus in the coming months, next up is Google App Engine.

Hyperic

Filed Under: Featured, Interviews, People, Videos Tagged With: Amazon, Amazon S3, Amazon Web Services, AWS, CloudStatus, CloudStatus.com, Hyperic, Hyperic CloudStatus, interview, Jeff Bezos, Jon Travis, video, virtualisation, virtualization, Werner Vogels, Xavier Soltero

VMware Releases Infrastructure 3.5 Update 2, ESX and VirtualCenter Get Upgrades, ESXi Now 100% Free

July 28, 2008 by Robin Wauters 1 Comment

VMware has released Update 2 for Infrastructure 3.5, listing a whole set of updates and features. At the same time, the company has made the license for ESXi completely free, as announced last week during the earnings call.

These are the highlights of some of the enhancements available in this release of VMware Infrastructure 3 (free evaluation here):

  • Windows Server 2008 support – Windows Server 2008 (Standard, Enterprise, and Datacenter editions) is supported as a guest operating system. With VMware’s memory overcommit technology and the reliability of ESX, virtual machine density can be maximized with this new guest operating system to achieve the highest degree of ROI. Guest operating system customizations and Microsoft Cluster Server (MSCS) are not supported with Windows Server 2008.
  • Enhanced VMotion Compatibility – Enhanced VMotion compatibility (EVC) simplifies VMotion compatibility issues across CPU generations by automatically configuring server CPUs with Intel FlexMigration or AMD-V Extended Migration technologies to be compatible with older servers. Once EVC is enabled for a cluster in the VirtualCenter inventory, all hosts in that cluster are configured to ensure CPU compatibility for VMotion. VirtualCenter will not permit the addition of hosts which cannot be automatically configured to be compatible with those already in the EVC cluster.
  • Storage VMotion – Storage VMotion from a FC/iSCSI datastore to another FC/iSCSI datastore is supported. This support is extended on ESX/ESXi 3.5 Update 1 as well.
  • VSS quiescing support – When creating quiesced snapshots of Windows Server 2003 guests, both filesystem and application quiescing are supported. With Windows Server 2008 guests, only filesystem quiescing is supported. For more information, see the Virtual Machine Backup Guide and the VMware Consolidated Backup 1.5 Release Notes.
  • Hot Virtual Extend Support – The ability to extend a virtual disk while virtual machines are running is provided. Hot extend is supported for vmfs flat virtual disks without snapshots opened in persistent mode.
  • 192 vCPUs per host – VMware now supports increasing the maximum number of vCPUs per host to 192, given that the maximum number of Virtual Machines per host is 170 and that no more than 3 virtual floppy devices or virtual CDROM devices are configured on the host at any given time. This support is extended on ESX 3.5 Update 1 as well.

As for the hardware enablement and management:

  • 8Gb Fiber Channel HBAs – Support is available for 8Gb fiber channel HBAs. See the I/O Compatibility Guide for ESX Server 3.5 and ESX Server 3i for details.
  • SAS arrays – more configurations are supported. See the Storage/SAN Compatibility Guide for ESX Server 3.5 and ESX Server 3i for details.
  • 10 GbE iSCSI initiator – iSCSI over a 10GbE interface is supported. This support is extended on ESX Server 3.5 Update 1, ESX Server version 3.5 Update 1 Embedded and ESX Server version 3.5 Update 1 Installable as well.
  • 10 GbE NFS support – NFS over a 10GbE interface is supported.
  • IBM System x3950 M2 – x3950 M2 in a 4-chassis configuration is supported, complete with hardware management capabilities through multi-node Intelligent Platform Management Interface (IPMI) driver and provider. Systems with up to 32 cores are fully supported. Systems with more than 32 cores are supported experimentally.
  • IPMI OEM extension support – Execution of IPMI OEM extension commands is supported.
  • System health monitoring through CIM providers – More Common Information Model (CIM) providers are added for enhanced hardware monitoring, including storage management providers provided by QLogic and Emulex. LSI MegaRAID providers are also included and are supported experimentally.
  • CIM SMASH/Server Management API – The VMware CIM SMASH/Server Management API provides an interface for developers building CIM-compliant applications to monitor and manage the health of systems. CIM SMASH is now a fully supported interface on ESX Server 3.5 and VMware ESX Server 3i.
  • Display of system health information – More system health information is displayed in VI Client for both ESX Server 3.5 and VMware ESX Server 3i.
  • Remote CLI – Remote Command Line Interface (CLI) is now supported on ESX Server 3.5 as well as ESX Server 3i. See the Remote Command-Line Interface Installation and Reference Guide for more information.

VirtualCenter 2.5 update 2 adds full support for monitoring individual virtual machine failures based on VMware tools heartbeats. This release also extends support for clusters containing mixed combinations of ESX and ESXi hosts, and minimizes previous configuration dependencies on DNS. It also extends support for alarms on the overall health of the server by considering the health of each of the individual system components such as memory and power supplies. Alarms can now be configured to trigger when host health degrades.

VirtualCenter 2.5 Update 2 provides the ability to create a clone of a powered-on virtual machine without any downtime to the running virtual machine. Administrators are therefore no longer required to power off a virtual machine in order to create a clone of it. Also, you can now automatically authenticate to VirtualCenter using your current Windows domain login credentials on the local workstation, as long as the credentials are valid on the VirtualCenter server.

This capability also supports logging in to Windows using Certificates and Smartcards. It can be used with the VI Client or the VI Remote CLI to ensure that scripts written using the VI Toolkits can take advantage of the Windows credentials of your current session to automatically connect to VirtualCenter.

VMware

Filed Under: Featured, News Tagged With: ESX, ESXi, VI, VI 3, virtualcenter, VirtualCenter 2.5, virtualisation, virtualization, vmware, VMware ESX, VMware ESXi, VMware Infrastructure, VMware Infrastructure 3, VMWare Infrastructure 3.5, VMWare Infrastructure 3.5 Update 2, VMware VI, VMware VI 3.5, VMware VI 3.5 Update 2, vmware virtualcenter, VMware VirtualCenter 2.5

EMC Reports Strong Q2 Results, Might Spin Off VMware Anyway

July 24, 2008 by Robin Wauters 1 Comment

So VMware performed below expectations, but how did parent company EMC do the past quarter? Not too shabby, actually. In its Q2 Earnings conference call (see transcript here), the company outlined that it had performed well against the backdrop of a challenging economic environment, although its outlook for the future was less rosy.

In the second quarter, EMC had revenue growth of 18% (to $3.67 billion) and non-GAAP EPS growth of 20%. EMC’s second-quarter net income rose 13% to $377.5 million, or 18 cents per share, from $334.4 million, or 16 cents a share, a year earlier. EMC backed its January forecast of full-year profit of 78 cents per share, excluding items. It said 2008 revenue would exceed $15 billion, up from its previous outlook of $15 billion.

The results sent EMC shares up a few points, and they got a further boost when EMC opened the door to a VMware spinoff, per a report by Reuters. EMC CEO Joe Tucci apparently stated in an interview with Reuters that a VMware spinoff is definitely possible, although it likely wouldn’t happen in 2008.

EMC Corporation

VMware

Filed Under: Featured, News, Rumors Tagged With: earnings call, EMC, Joe Tucci, Q2 earnings call, virtualisation, virtualization, vmware, VMware spinoff

Diane Greene’s Potential Payout Nearly $50 Million USD

July 22, 2008 by Robin Wauters 1 Comment

Unless you’ve been living under a rock, you know Diane Greene was recently abruptly ousted from the top spot at the very company she co-founded, VMware.

Greene, 52, had been CEO of the company since she helped start it in 1998 along with 4 others, including husband and current Chief Scientist Mendel Rosenblum. Her salary, according to a July 2007 employment agreement, was $750,000. Her salary in 2007 was $583,333 and her total compensation for the year was $8.6 million.

Another interesting caveat: according to VMware’s proxy statement, Greene could be paid a bonus of $491,678 and her stock options may vest early, which could increase the value of her potential payout to $47.5 million or even more.

[Source: SF Business Times]

VMware

Filed Under: Featured, People Tagged With: Diane Greene, pay-out, payout, stock vesting, virtualisation, virtualization, vmware
