Secure Virtualisation: Tapping the Full Business Benefits of Virtualisation


Andy Ingram - Juniper

The primary benefit of virtualization is perceived to be cost reduction but in the long term it can deliver the flexibility to an organisation that allows for real agility within the business model.

The ROI model for virtualization has been well understood for some time which is basically if utilization of serversis low combining them all on one server improves efficiency. This has the added advantage of potentially taking up less space using less power and being easier to manage. The latest innovations in CPU technology allow many more virtual machines to be supported by increasing the number of processing cores in each effectively making each processor act like many.

The thing that is becoming obvious is that virtualization when allied to a number of emerging technologies can do much more than just save money.

The compute power of servers is growing exponentially the number of cores per socket and virtual machines per core means that the density of applications on each server will continue to grow this year many CPUs can now support up to 8 cores with the next generation 12 or 16. If we assume a conservative number of 4 virtual machines per core then a server could support up to 256 VMs. This flexibility provides business with the capability to more easily manage the deployment of new services and to initiate new business processes. There are always challenges, the first is that a huge increase in computing power will create a huge increase in I/O which potentially will go far beyond the capability of existing networks. The second issue is the potential for uncontrolled VM sprawl caused by the ease of deployment which can create security threats.

It is easy at this point to try and improve the performance of the network by just adding some faster components to the existing infrastructure. The challenge with this is not just the increase in latency but as the network becomes more complex so more consideration has to be given to the physical location of servers and storage and also the security policies related to each of these. The network itself should be invisible to the application and provide a completely seamless infrastructure that means any application can be deployed with the sweep of a mouse.

Equally security in the virtualised world looks much less like a castle with a moat and a drawbridge and more like a hotel where you check in with credentials and you can then gain access to the permitted resource. To achieve this security must work together with the network and be integrated into the Hypervisor of the virtual machines.

Only by building the network and security infrastructure into the planning phase for a role out of virtualised applications can the challenges of VM stall be overcome and the full potential realised. In this session we will look at the impact that security and the network can have on rolling out virtualization projects.