When it comes to securing virtual environments, you have to take different measures from those for traditional physical security.
With virtual security, new attack vectors –that is, the means by which a hacker gains control of a server OS — must be protected to prevent breaches. Because of these vectors — and thus risks — virtual security requires you to secure the host and each virtual machine (VM).
In this tip, we cover the kinds of attacks you should be concerned about as you develop a virtualization security strategy as well as considerations and best practices for the various components of your infrastructure.
There are many physical attack vectors, from physical consoles to a guest OS to the applications that run on an OS. To secure a physical system, you must have a locked data center that restricts access to the console. Next, you secure the operating system and applications, and finally, you implement security controls — such as a firewall — at the network layer. With virtual security, these breaches still apply, but there are other avenues by which an attacker can gain access to a VM.
Read the full article at searchservervirtualization.com (Part 1 of a 2-part article)
Also read Part 2: Virtual network security best practices
In the context of virtualization, vendor lock-in often has negative connotations. But if a company provides solid products and support, this practice of purchasing the bulk of your data center components from a single vendor can be beneficial.
Few vendors have the product lineup to supply every facet of a data center infrastructure, with the exception of Dell Inc., Hewlett-Packard Co., and IBM. But many vendors can fill most IT needs and then bridge the gaps through strategic partnerships. VMware Inc., for example, has teamed up with EMC Corp. and Cisco Systems Inc. to form the Virtual Computing Environment (VCE) coalition. Together, these providers have bundled servers, storage and virtualization capabilities into a single product, which essentially locks customers into their vertical stack.
This tip offers a new way of thinking about vendor lock-in. It covers the pros and cons of this approach to building your virtual infrastructure and provides advice for those who choose a single-vendor approach in a virtual environment.
Read the full article at searchvmware.com…
Virtualization is often a game of numbers. As you choose virtual hardware, you have to consider some important metrics, such as the number of virtual machines (VMs) that reside on a host or logical unit number (LUN).
If you haven’t determined what these numbers should look like in your environment, your infrastructure will likely suffer from poor performance. This tip highlights key virtual hardware statistics to consider, which include consolidation ratios and virtual CPU counts. As you design and configure a VMware vSphere infrastructure, these performance metrics help prevent an infrastructure from becoming resource starved.
Read the full article at SearchVMware.com…
Server and desktop virtualization have provided relatively easy ways to consolidate and conserve, allowing a reduction in physical systems. But these technologies have also introduced problems for data storage managers who need to effectively configure their storage resources to meet the needs of a consolidated infrastructure.
Server virtualization typically concentrates the workloads of many servers onto a few shared storage devices, often creating bottlenecks as many virtual machines (VMs) compete for storage resources. With desktop virtualization this concentration becomes even denser as many more desktops are typically running on a single host. As a result, managing storage in a virtual environment is an ongoing challenge that usually requires the combined efforts of desktop, server, virtualization and storage administrators to ensure that virtualized servers and desktops perform well. Here are 10 tips to help you better manage your storage in virtual environments.
Read the full article at searchstorage.com…