Security and regulatory concerns slow some server virtualization efforts
Security and regulatory concerns have some users warily eyeing the move to server virtualization.
For example, during the past year, the Stanford Hospital & Clinics, part of Stanford University in Palo Alto, Calif., has shifted about half of its applications from traditional server platforms to VMware-based virtual machines (VM) -- and found it strongly impacted decision-making on security.
"You change the character of the IT infrastructure," says Mike Mucha, information security officer at the hospital, about what he's seen in virtualization's impact. "There's uncertainty."
"Virtualization tends to be an extension of the server component and it's led by the server team," Mucha says. But virtualization's switching aspect means the traditional network itself is altered, which Mucha notes has generated some "pushback" from the network and storage teams that also have to be at the table when it comes to making decisions.
"The server people are taking on non-traditional roles, making decisions about network architecture," he says about virtualization's impact in his organization.
Security questions come up, such as where to deploy intrusion-detection and management systems or firewalls, in a virtualized world.
There's awe in the instantaneous speed that VMware offers in set up and tear down of VMs but worry about potential abuse of that power, too, deliberate or unintentional.
Mucha decided Stanford Hospital & Clinics would benefit by adding another layer of security controls for VMware's ESX servers and management console by inserting the policy-enforcement appliance from start-up HyTrust.
The HyTrust appliance places controls on administrative and user decision-making responsibilities, plus adds some VM-focused intrusion-detection capability.
"It gives us some controls," Mucha says, adding when it comes to virtualization, a new era of risk mitigation is emerging that has to be addressed, especially as Cisco, Juniper and other traditional switch vendors introduce further virtualized switching technologies.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
virtualization
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
