Virtualization.com

News and insights from the vibrant world of virtualization and cloud computing

Alternative Technology Adds McAfee Security Solutions and Services

by Leave a Comment

Alternative Technology, an Arrow Electronics company and specialty distributor of thin-client/server-based computing, edge infrastructure, virtualization, and security solutions, has announced it will distribute the full line of McAfee security software, appliances and managed security services for small to medium businesses and enterprises. Those offerings include: system/endpoint security, network security, data protection, and risk and compliance management.

Alternative Technology

Alternative Technology will offer McAfee’s complete line of security solutions which can protect consumers, small business, and all types of enterprises. McAfee Total Protection Suites offer security solutions for servers, networks, desktops and mobile devices.

McAfee solutions offered by Alternative Technology include the recently announced 10Gbs Network Security Platform and high-performance McAfee Content Security Blade Server. McAfee offers scalability for security and compliance management for networks, data and endpoints across large-scale physical and virtual environments as well as small-scale and mid-size networks.

“McAfee security solutions are a significant addition to our line card and will be well received by our North American channel partners,” said Tom Zorn, senior vice president, Alternative Technology. “They complement our other products and service offerings. In particular, McAfee’s recently announced Email and Web Security Virtual Appliance, in beta, built from the ground up for the VMware platform, McAfee’s new virtual infrastructure security assessment service, and their plans to embed VMware’s VMsafe security technology into future McAfee security solution offerings, tie in very well with our rapidly growing VMware business.”

Complementing Alternative Technology’s professional methodology for security assessment, remediation and management, is the McAfee Foundstone Professional Services offering. The Foundstone Virtual Infrastructure Security Assessment is the first security service dedicated to virtualization. McAfee security solutions will also be added to Alternative Technology’s PCI Compliance Solutions Program.

PlateSpin Reaffirms Commitment For Extended Citrix XenServer Support

by Leave a Comment

PlateSpin, since recently a Novell company, today reaffirmed its commitment to support Citrix XenServer across the PlateSpin product line. PlateSpin considers XenServer support to be a key element of its multiplatform strategy, which aims to offer enterprises a unified suite of solutions for managing heterogeneous data center environments and making physical and virtual infrastructures work as one.

Platespin

“As a Citrix Technology Partner, PlateSpin is committed to working with Citrix to offer customers simple, efficient and interoperable solutions to virtualize servers and better manage their XenServer environments,” said Stephen Pollack, CEO of PlateSpin ULC. “PlateSpin Workload Portability and profiling technology helps Citrix customers make the most of their XenServer investments by accelerating and simplifying the integration of XenServer into their mixed data center environments where multiple hypervisor technologies coexist.”

With broad support for today’s distributed, multi-platform environments, PlateSpin PowerRecon provides an enterprise-scale workload profiling, planning and optimization solution that improves the speed and quality of virtualization initiatives and eases the burden of managing virtual environments.

[Source: VMblog]

Who Owns Virtualization Security? The Hoff/Crosby Debate

by 5 Comments

We’ve decided to cross-publish a blog post by Gregory Ness, VP of Marketing for Blue Lane Technologies, because we think it delivers a good insight in the whole Hoff/Crosby debate about virtualization security (virtsec, if you will).

Gregory NessLast year when I blogged about the impact of virtsec on the world of static security I focused on how virtualization could degrade the effectiveness of security solutions. Since then we’ve seen a surge of vendor marketing around virtualization security (virtsec), from a growing corral of one trick pony start-ups with various Barney announcements (“I love you, you love me…”) to the likes of the world’s leading security companies joining VMware’s unprecedented, visionary VMsafe initiative.

Last month I blogged about data center security’s key requirements, which included virtsec. My point was that virtsec will require more intelligence and agility than perimeter network security, because it will need to be deployed within the hypervisor layer and will consume hypervisor resources. Simply moving deep packet regular expression inspection engines into the hypervisor layer could add big hypervisor footprints and/or unacceptable levels of latency. These problems aren’t new; they’ve been hidden by faster and faster dedicated hardware at the network perimeter.

That’s why I found a recent virtsec blog exchange between Hoff and Crosby so disconcerting. Two brilliant guys with two very different perspectives are arguing about the ownership and accountability of virtualization security. Chris Hoff is a security guru with a sizable following who has been among the most vocal on the virtsec challenge. Security blogger Rothman calls Hoff Captain Virtual because he has been on a tear when it comes to the blog debate around virtsec.

Simon Crosby is leading the virtualization charge for Xen/Citrix and he insists that virtualization platform vendors should stay focused on securing their platform versus the new infrastructure they’re enabling. Like Chris, Simon is one very smart guy with a deep technology background in virtualization. And from Simon’s perspective he doesn’t sound unreasonable.

The virtualization security debate thus far has had so many issues swept underneath it by various parties that it resembles a lumpy rug. Simon and Chris are exposing some of the lumps as they humor each other with comments about smoking cigars from the wrong end and the following (from Hoff):

“Focusing only on your little patch of grass is short-sighted and it won’t work. Just like it hasn’t worked in the past. It’s a disaster waiting to happen, and you’re enabling it”. – Hoff

The problem isn’t that these two very smart guys disagree; it’s rather that this disagreement promises to play itself out on a micro-level in enterprises around the world, as I commented last year in “VM Security- The Keys to the Virtualization Kingdom.” And no one stands to win, except those hoping for a slow adoption.

Perhaps Rothman is right to suggest that security will stay tactical and reactionary when it comes to virtsec, because that has been the recent history of netsec on many fronts. Yet if virtsec isn’t done right it could jeopardize the very flexibility and efficiency that virtualization enables. Strategic virtsec is an enabler of growth; tactical virtsec is a rocky road.
Rothman’s scenario seems to anticipate the rocky road: the slow and grinding deployment of hypervisors in production stretched out for years, as tactical decisions and budgets respond to new risks and events driven by cycles of hacks, reactionary regulatory responses and internal operations and security discussions. Feels a lot like the status quo today, doesn’t it? I hope he’s wrong.

The colorful and spirited debate between Hoff and Crosby is very symbolic of the issues we’ve discussed here since my initial virtsec blog in Feb 2007.

Unfortunately I think this debate risks becoming a metaphor for production data center virtualization; it feels to me like two different worlds colliding in a potentially myopic haze of finger-pointing and original sin debates. That scenario will not help Citrix/Xen virtualize production environments, and I think that is why Hoff’s points bear such weight. And I’m not sure that Crosby gets this given his thoughtful and understandable Mother of All Misunderstandings response to Hoff.

I think the mother of all misunderstandings is about to play itself out as “a funny thing happened on the way to the datacenter” scenario. When Caesar crossed the Rubicon he knew his security profile would change, but he still underestimated the Senate. If Citrix doesn’t show leadership (ala VMware and VMsafe, etc.) and instead talks about security as “other people’s problems” its growth in the data center could experience a thousand cuts Caesar style as internal conflicts and strife within customers (between the Hoff’s and Crosby’s) could demonize the incredible and undeniable power of virtualization to enhance data center security.

The virtualization and security vendors can either lead on this issue as an opportunity to enhance security today or merely create awareness around the new risks and dynamics and talk about far-off solutions that may one day work when the market matures. One strategy will lead to the faster deployment of hypervisors in production; the other will fulfill Rothman’s prediction.

Virtualization is a massive opportunity to escape the cycle of attack followed by tactical/regulatory response and establish a new order, with security pros getting powerful, flexible new capabilities to protect systems. That will require leadership and new thinking and a full appreciation by those who don’t want to relive the past. Security may turn out to be strategic to virtualization in ways that it couldn’t be strategic to the network. The hypervisor layer is perhaps the most substantial strategic security opportunity in many years. Let’s hope we leverage it to its fullest.

Novell And Red Hat Upgrade Linux Enterprise Distros, Improve Virtualization Support

by Leave a Comment

Novell and Red Hat announced upgrades of their Linux-based enterprise distros, featuring improved virtualization and hardware support. In addition, Novell SUSE Linux Enterprise Server (SLES) 10 SP2 adds a new subscription management tool, while Red Hat Enterprise Linux (RHEL) 5.2 adds new security, clustering, desktop, and networking features.

Virtualization is the big story here. Red Hat has upgraded RHEL’s core virtualization hypervisor, Xen, to version 3.1.2, and has improved its support for NUMA (Non-Uniform Memory Access) architectures.

RHEL now supports virtualization of very large systems, says Red Hat, including systems with up to 64 CPUs and 512GB of memory. New CPU frequency scaling support is said to reduce power consumption for virtualized processes. RHEL also gains new clustering capabilities, including improved application failover support, which when combined with the virtualization enhancements, should lead to greater server farm stability.

Virtualization also seems to lead the way with Novell SLES 10 Service Pack 2 enhancements, which support Xen 3.2 (compared to RHEL 5.2’s Xen 3.1.2 support). Novell claims that with Xen 3.2, the new SLES is “the only Xen-based virtualization solution with full support from Microsoft for Windows Server 2008 and Windows Server 2003 guests, and live migration of those guests across physical machines.” Novell and Microsoft went in on an interoperability lab last fall.

Meanwhile, the company has been dropping hints about SLES 11, which is due in the first half of 2009. Novell hopes to make SLES 11 available as an appliance that will be supported by a new toolset designed to quickly build specialized images. Novell is planning versions optimized for specific ISV stacks, as well as a new embedded version to allow independent hardware vendors to embed virtualization and operating systems directly into the hardware. Other touted SLES 11 enhancements relate to “mission-critical data center technologies, Unix migration, virtualization, interoperability, green computing, and desktop Linux,” says Novell.

Both distros are available from today, according to both companies.

[Source: Linux Watch]

BakBone Introduces NetVault: Backup 8.1 With Full Adoption of VMware Technology

by 1 Comment

BakBone Software has released a new version of its flagship data protection solution, NetVault: Backup 8.1, adding support for individual VMware ESX Servers as well as full virtual data centers, all integrated and managed from the NetVault: Backup GUI. Users do not need to create and run scripts, giving BakBone customers the flexibility to deploy data protection in virtual environments and manage the solution under one umbrella.

BakBone

In addition to new VMware capabilities, BakBone now also provides full support for Novell‘s Open Enterprise Server (OES) 2. BakBone claims to offer the broadest Linux capabilities in the storage management market, supporting more leading Linux distributions and applications than any other data protection software vendor.

According to the press release, the highlights for NetVault: Backup 8.1 include

Full VMware Consolidated Backup (VCB) Support

  • Offers the flexibility to protect virtual machines deployed on a VMware ESX Server or multiple VMware ESX Servers from a VCB proxy server
  • Provides protection for virtual machine images or individual files on Windows guest operating system without the need for complex scripting
  • Tracks virtual machine migration with VMotion

Full VMware virtual machine backups

  • Provides virtual machines with protection from disasters, media failure and data corruption
  • Protects the entire virtual environment in case of a disaster, including log and configuration files as well as the VMDK data files

Increased flexibility

  • Gives administrators automatic integration with supported devices, including a VTL, SAN, NDMP or locally attached drives
  • Offers greater granularity for Windows on VMware by allowing customers to backup and restore individual files within virtual machines
  • Empowers storage administrators to create comprehensive, flexible backup policies without the need to understand VCB internals or create complex scripts

NetVault: Backup 8.1 extends capabilities beyond the backup and recovery of virtual environments. The solution reduces the load on ESX Servers and simplifies virtual environment protection by consolidating backups through single servers. This is especially important for businesses that need to reduce data center energy demands as they consolidate hardware.

[Source: VMBlog]

Parallels Debuts Software Certification Program

by Leave a Comment

Parallels announced today the Parallels Certification Program, which enables software vendors to test their products and certify their compatibility with Parallels virtualization software. Product certification provides assurance to end users that popular ISV applications are supported and compatible with Parallels virtualization solutions.

Parallels

Certification is available for software vendors that want to assure compatibility with Parallels virtualization products, including Parallels Virtuozzo Containers, Parallels Desktop for Mac, Parallels Server and Parallels Workstation.

Software vendors can register for certification free of no charge by going to Product Certification Application Form. The Parallels Certified Products catalog includes more than 100 solutions that span many application types and includes applications such as SugarCRM and IBM DB2. To access the Parallels Certified Products catalog, go to Catalog page.