CIOReview CIOReview
Women In Tech Review
  • Home
  • Technology
    • Agile
    • Artificial Intelligence
    • Audiovisual
    • Augmented & Virtual Reality
    • Big Data
    • BlockChain
    • Business Intelligence
    • Cloud
    • Cognitive
    • Content Delivery Network
    • Data Analytics
    • Data Integration
    • Data Visualization
    • DevOps
    • Digital Transformation
    • Digital Twin
    • Drone
    • Enterprise Architecture
    • FinTech
    • Gaming Tech
    • High Performance Computing
    • Internet Of Things
    • Machine Vision
    • Mainframe
    • Mobile
    • Networking
    • Predictive Analytics
    • Quantum Computing
    • Remote Work Tech
    • Robotics
    • RPA
    • SDN
    • Security
    • Simulation
    • Smart City
    • Software Testing
    • Storage
    • Video Surveillance
    • Virtualization
    • Web Development
    • Wireless
  • Industry
    • Agtech
    • Automotive
    • Aviation
    • Banking & Insurance
    • Biotech
    • Capital Markets
    • Casino
    • Chemical & Allied
    • Construction
    • Consumer Packaged Goods
    • Contact Center
    • Defense
    • E-Commerce
    • Education
    • Energy
    • Food
    • Healthcare
    • Latin America
    • Law Enforcement
    • Legal
    • Logistics
    • Manufacturing
    • Marine
    • Media & Entertainment
    • Metals & Mining
    • Naval Tech
    • Non Profit Technology
    • Oil & Gas
    • Pharma & life sciences
    • Proptech
    • Public Sector
    • Retail
    • Sports
    • Tech African
    • Tech Startup
    • Telecom
    • Textile & Apparel
    • Travel & hospitality
    • UAE
    • Utilities
  • Platforms
    • Adobe
    • Amazon
    • Cisco
    • Dassault Systemes
    • Dell
    • Google
    • HPE
    • HubSpot
    • IBM
    • Infor
    • Magento
    • Microsoft
    • NetApp
    • NetSuite
    • Oracle
    • Red Hat
    • Sage
    • Salesforce
    • SAP
    • VMware
  • Functions
    • Compliance
    • Contract Management
    • Corporate Finance
    • Environmental Health And Safety
    • GDPR
    • Human Resource
    • Marketing
    • Procurement
    • Sales
    • Supply Chain
  • Conferences
  • About Us
Go to...

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    • Home
    • VMware

    IT Nirvana: Being Fully Virtualized!

    By Hemma Prafullchandra, CTO & EVP Products, HyTrust, Inc

    Join With Our Contributor Network

    On progress..
    Success! Thanks For Joining With Our Contributor Network.
    You Have Already Joined With Our Contributor Network
    Sorry! Something went wrong. Please try again.
    IT

    Hemma Prafullchandra, CTO & EVP Products, HyTrust, Inc

    However in our experience with many in Federal, Healthcare, Financial, Retail and High Tech industries, we have seen that the last 1-20 percent of physical servers and applications pose the biggest struggle to virtualize. The initial dramatic cost savings from virtualizing tapers off fairly quickly, shown in the graphic below, as security and compliance requirements for the virtual infrastructure increase and become more complex as the criticality of workloads change. Enterprises must consider a programmatic approach and develop best practices, making virtualization a core part of the enterprise platform that satisfy all those requirements and leverage then virtualization eco-system technologies to efficiently manage and protect.

    "This is an area that IT should review and conside standardizing"

    There are many reasons causing the angst but the most prevalent are:

    • Maturity: typically virtualization adoption takes off in a small environment, such as development and testing environments, then non-critical applications such as print services, to limited production or core corporate services, and so on to finally get to virtualization as a standard Enterprise platform. Depending on the Enterprise’s virtualization journey they may still be planning, implementing and managing in an ad-hoc fashion, and not leveraging the full benefits that virtualization provides,such as rapid provisioning with master golden images, orchestration of complex workflows to provide capacity when needed, to quick recovery or fail-over in case of an incident or disaster. We found virtualizing mission-critical workloads such as Microsoft Domain Controllers is usually left to the last, not for performance reasons, but concerns over access control and data protection.

    • Mindset: there are many who still believe that virtualization still lacks the performance necessary for their application and prefer to remain on physical servers. Perhaps a little of ‘box hugger’ mentality. There are legitimate cases but the virtualization platforms have advanced significantly and so has the underlying hardware. Very few commercial applications remain that cannot be virtualized. Also, Type 1 hypervisors, such as VMware vSphere ESXi, exact little or no performance penalty, and there is hardware-assisted virtualization functionality that can be leveraged to enhance performance further, as described in the “Performance Best Practices for VMware vSphere 6.0” whitepaper. At a minimum we highly recommend that when your hardware is due for a refresh that virtualization is seriously considered and the new hardware purchases include these functionality, and a Trusted Platform Module (TPM) and Intel’s Trusted Execution Technology (TXT) to also enhance security by leveraging hardware-based root-of-trust.

    • Security and Compliance: as the criticality of the application and sensitivity of the data increases so do security and compliance requirements. Native virtualization platforms can satisfy some of these requirements but not all. For example, we have long had centralized AAA servers (Authentication, Authorization and Accounting) for users who access network services. The network could provide some level of these capabilities but it becomes a nightmare to manage and audit unless it can be independently verified and of course centrally managed and enforced. Similarly as the number of virtualized systems increases with a varying class of applications and data so does the need for independently and centrally managed security and compliance solutions. The good news is that security and compliance vendors have caught up and there are a number of solutions that can help achieve the ‘fully virtualized’ nirvana.

    • Pace of Innovation: to keep abreast of all the emerging technologies is challenging for all, but when the pace outstrips your ability to understand, design, and implement then its feels like a constant roller coaster. This is true for the innovations taking place in this area. Compute virtualization, such as VMware vSphere ESXi, is fairly mature, well understood and widely deployed. Network virtualization, both Software- Defined Networking and Network Function Virtualization are still in the early stages of adoption, and with all the ways they will change the way we deliver Infrastructure as a Service, essentially core IT services has not yet being fully understood. Software-Defined Data Center, Converged infrastructure and even Hyper-converged infrastructure, are all making IT infrastructure easier to manage, more cost and operationally efficient and able to perform at scale. With all this innovation, there are amazing times ahead. Enterprise IT personnel should be freed up from the mundane, and allowed to become the pathfinders who continue experimenting and adopting new technologies at a rapid pace. This is absolutely needed to remain competitive in all industries.

    Of course enterprises can always adopt a hybrid or public cloud infrastructure, and not build their own, with the viability of this option depending on the maturity of the cloud providers and their ability to meet enterprise requirements. Keep in mind, though, that you lose a lot of control when you outsource your infrastructure, although regardless of who owns and runs the infrastructure fiduciary and governance responsibilities remain always with the enterprise. You lose flexibility in terms of what controls you can implement, you lose at least some visibility and meanwhile gain concerns around the security controls implemented for multi-tenancy and sharing underlying hardware with other organizations. Recently a number of articles have been published stating that the recovery costs for security incidents double with virtualized infrastructure. Yet we find surprisingly VM encryption is not as widely used as you might hope to protect the application and data regardless of the private, hybrid or public cloud environment being used. Solutions are available, solutions that are easy to manage, easy to deploy and that do not impact performance and yet many organizations have still not yet implemented encryption for data that absolutely needs protection. This is an area that IT should review and consider standardizing. IT should also consider implementing a comprehensive set of controls that protect their assets, applications and data in any environment.

    The industry has come a long way, with the majority of workloads now running in virtual machines. As the end-game of nearly complete virtualization comes into view there are still opportunities for significant savings, but it is vital that those savings not come at the cost of security, compliance or operational best practices. Fortunately, there are tools and technologies including encryption, policy control, and automation for virtualized environments that can help organizations achieve if not full virtualization then at least more complete virtualization.

    On The Deck

    • IT Service Management

      2018-07-03

      #
    • Mobile Application Special

      2018-05-15

      #

    Editor's Pick

    • How Blue Shield of California implements finance technology in accordance with its mission and values Facing a 100% remote work environment, the 4.4 million-member nonprofit health plan also took a new approach to internal controls
      How Blue Shield of California implements finance technology in accordance with its mission and values Facing a 100% remote work environment, the 4.4 million-member nonprofit health plan also took a new approach to internal controls

      By Sandra Clarke, CFO, Blue Shield of California

    • Empowering Animal Welfare through Sound Science-based Solutions
      Empowering Animal Welfare through Sound Science-based Solutions

      By Karen Christensen, Sr. Dir. Of Animal Wellbeing, Tyson Foods

    • Top Digital Marketing Trends for 2021
      Top Digital Marketing Trends for 2021

      By Kara Jensen, Creative Principal, Bop Design

    • COVID-19 Creates a Myriad of Compliance Challenges for Employers
      COVID-19 Creates a Myriad of Compliance Challenges for Employers

      By Liliana Salazar, Esq. Chief Compliance Officer, Chief Compliance Officer, HUB International Limited

    • Challenges that Compliance Officers face Today
      Challenges that Compliance Officers face Today

      By Samantha-Anne Horwitch, General Counsel/Chief Compliance and Human Resources Officer, Citelum

    • Benefits of Having NetSuite ERP for Business
      Benefits of Having NetSuite ERP for Business

      By CIOReview

    • Simplify ASC Completes Its Acquisition of PhyBus RCM
      Simplify ASC Completes Its Acquisition of PhyBus RCM

      By CIOReview

    • Red Hat Acquires StackRox, a Validation of Its Approach to Container and Kubernetes Security
      Red Hat Acquires StackRox, a Validation of Its Approach to Container and Kubernetes Security

      By CIOReview

    • CVC Capital Partners Fund VII Signs an Agreement to Acquire STARK Group
      CVC Capital Partners Fund VII Signs an Agreement to Acquire STARK Group

      By CIOReview

    • Dave West and Irving Tan Joins Cisco
      Dave West and Irving Tan Joins Cisco

      By CIOReview

    Copyright © 2021 CIOReview. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy       |       Disclaimer