Virtualization.com

News and insights from the vibrant world of virtualization and cloud computing

Eric Siebert

Payment Card Industry Lack Virtualization-Specific Requirements For Security Audits

by Leave a Comment

Good catch by Eric Siebert over at the Server Virtualization Blog: the Payment Card Industry’s data security standards (PCI DSS), requirements set forth by the major credit card players – Visa, Mastercard, American Express and Discover in order to protect credit card data, apparently don’t have any virtualization-specific requirements put into practice so far.

“Having just survived another annual PCI compliance audit, I was again surprised that the strict standards for securing servers that must be followed contain nothing specific concerning virtual hosts and networks. Our auditor focused on guest virtual machines (VMs), ensuring they had up-to-date patches, locked-down security settings and current anti-virus definitions. But ironically, the host server that the virtual machines were running on went completely ignored. If the host server was compromised, it wouldn’t matter how secure the VMs were because they could be easily accessed. Host servers should always be securely locked down to protect the VMs which are running on them.”

Read the rest of the blog post here.

What’s The ROI Of Virtualization?

by Leave a Comment

Cost reduction is always mentioned as one of the benefits of virtualization, but there are little case studies featuring actual numbers available to prove it. That’s why this post on Server Virtualization Blog by Eric Siebert was a refreshing read. Eric writes:

In today’s world the cost of just about everything has been on the rise. Fuel costs in particular have a ripple effect on just about everything we buy which also affects computers. That’s why virtualization is a great way to offset those increased costs. Providing power and cooling to a data center can be a very big expense, virtualizing servers can dramatically reduce this cost. PlateSpin provides a nice power savings calculator on their website. If we plug in the following numbers:

  • 200 physical servers
  • average usage of 750 watts per server
  • average processor utilization of 10% before virtualization
  • target processor utilization of 60% after virtualization

The average power and cooling savings a year comes out to $219,000 with a consolidation ratio of 5:1 based on a cost per kilowatt hour of 10 cents. As the cost of power increases the savings become even greater, at 12 cents the cost savings become $262,800 per year and at 15 cents the cost savings become $328,500 per year.

Of course savings will vary based on a number of factors including how well utilized your physical servers are before virtualization, your consolidation ratio which can sometimes be as high as 15:1 and also your location. Different parts of the country average different costs per kilowatt hour, California and New York tend to be the highest at 12 – 15 cents per kilowatt hour where Idaho and Wyoming are the cheapest at about 5 cents per kilowatt hour. Power costs tend to rise a lot more then they go down so the argument for virtualization from a cost perspective becomes much easier when you factor in the potential savings.

Full post here.