latoga labs

Yesterday was the VMware Community Roundtable discussion on View which featured VMware’s own John Dodge.  If you haven’t participated or listened into one of the roundtables, this is a great one for those who are doing or thinking about virtual desktops.

At one point the discussion turned to Employee Owned IT (EOIT) and offline desktops within View.  It was great to hear all the different individuals whose companies are thinking or implementing EOIT in some form or fashion.  One aspect of EOIT which I have touched on in the past, is security.  Security has come up with multiple of my clients when discussion desktop virtualization and EOIT; I was a bit shocked that the topic didn’t come up yesterday during the roundtable.

When you start letting employees bring in their own computers, connect to the corporate network, and then run a corporate supplied desktop VM locally (or connect to a corporate supplied virtual desktop remotely) to do their work there are still some security risks to keep in mind.  Namely, the uncontrolled operating system attached to your corporate network.

Corporate IT may have locked down the VM the employee is using, but more times than not there are not adequate security mechanisms in place to protect the network from the EOIT OS that is running on that EOIT laptop.  What sites were the employee’s children looking at last night?  What malware might be lurking on the EOIT laptop?  And that employee just plugged their laptop into your corporate network.

Walk into most large enterprises (and many smaller ones too), plug your computer to the physical network and you probably are now behind the firewall.  Many companies don’t have any security in place to prevent outside computers from getting an IP address and instant network access–I know this because I’ve had this discussion with my clients when discussing EOIT and I’ve done it myself in the past.  Most companies setup their wireless network to require authentication, and if it doesn’t require authentication it only gives you guest access to the Internet only.  But this is not the case for the physical networks because the assumption is that those inside the building should have full access.

For EOIT to really take off in enterprises, this existing security mindset needs to be addressed.  Either at the physical network level or at the local computer level.  Since the entire idea of EOIT is to not need to manage the computer, it puts us in a tough spot.  Most large enterprises would take years of time and lots of money to update the security on their network to a level that would enable EOIT for wide spread use.  Many smaller companies would do it much faster and cheaper where the cost savings of EOIT far out ways the security measures needed to be installed.

But how do you solve this problem for the large enterprise?

I know that it has been rather quite here at the Labs for the past few months.  Not only has 2010 started off with a bang of activity, but I have also been preparing for my new long term project (details at my photography blog).  So lots of exciting stuff for 2010, just need more hours in the day.  Below is an abbreviated list of virtualization links that have come out over the past 2 months that caught my attention:

VMware Specific Links

• Recent Releases
  • VMware Labs was recently launched, a place for VMware engineers to share the cool internal tools they build with the rest of the world as technology previews.
  • VMware View 4.0.1 was released mid-February with some issues being addressed and enhancements to the PCoIP protocol
  • Site Recovery Manager 4.0.1 was released mid-February addressing a number of issues.
  • vCenter CapacityIQ 1.0.2 was released mid-February addressing a number of report related issues.
  • vCenter Update Manager 4.0 Update 1 was released end of February addressing an issue related to the upgrade of Cisco VSM modules
  • Fusion 3.0.2 was released mid-February addressing an issue so that Mac OS X 10.6 Server can run as a guest.
  • Technology Preview – VMware Guest Console (VGC) an application to manage the Guest Operating Systems installed on VMs. Eric has the links on the latest leaks around VGC.
• One of the biggest desktop related announcements recently was the VMware Acquiring RTO Software. A deeper analysis of this acquisition (including why some parts of RTO Software was not acquired) by Brian Madden.
• Another big VMW announcement recently was that VMware to Acquire Several Management Products from EMC Ionix.  (Interesting thought experiments abound on the future of management tools within VMware and an Insider’s Perspective from Virtual Geek.)
• VMware’s Mike Colman describes The Art and Science of Remote Display Protocols after the release of a recent desktop virtualization report funded by Citrix which posted some confusing and questionable statistics.
• VMware recently released a white paper discussing Anti-Virus Deployment for VMware View, a key issue with anyone considering virtual desktops.  Many of my clients looking at View are also looking at VMsafe based Anti-virus solutions to overcome per desktop anti-virus performance issues.

General Virtualization & Cloud Links

• Gartner had a number of recent posts that talk about Windows kernel-level vulnerability, which also affect Hyper-V and shed light on the value of a dedicate hypervisor versus one that is extended from the Operating System.
• Steve Kaplan has a few months old but pertinent comparison of Cisco UCS vs. HP Matrix: strategic vs. tactical approach to virtualization. Both an interesting analysis/comparison of virtualization computing platforms as well as a between the lines look at the future of our enterprise computing market.  Make sure to browse thru the comments as well.

Today’s the big day, the big Apple announcement. Personally, I have been trying to avoid the rumor mills and gossip blogs over the past few weeks in order to focus on personal revenue generating activity (just in case I may want to purchase something from Apple in the near future). But this morning something on the radio news caught my attention, Apple will not be live broadcasting the event on the web. At first I thought this was strange, live broadcasts are the best way to engage clients online. But then my pre-coffee mind caught up, why waste all the money of live broadcasting it online? There is an entire battalion of Apple fans who will live blog/live tweet the event and make comments on today’s announcement for weeks.

This is the magic of both the Apple marketing machine and of social media in action…pay attention.

One other comment about today’s announcement, I hear so much media talk about today’s announcement to be a direct competitor to e-book readers. Without knowing if today’s announcement is a slate/tablet computer, one thing I do know for sure…Apple will not release a product that will compete with existing products in the market. They will product something that will help change the market or create an entirely new one. This is what Apple is great at, today’s announcement will not be just a way to compete on the e-book front, but likely something much more grandiose.

Oh, and by the way…there is a big Oracle/Sun announcement today too….in case you forgot.

Update: one other interesting point on the Apple announcement that some mentioned to me this morning is what does Steve look like. With all the rumors on his health seeing him at the announcement will be interesting. As well as reading between the lines with his speech; he should start messaging suscession plans so that analysts and public alike stop equating Apple with Steve jobs. The future of Apple has to be unlinked from Steve at some point.

This is not a new year predictions list.  Given the fact that it’s over two weeks into the new year, this is not a new year anything list.  However, after spending the better part of the year so far reviewing the business plans for my clients and working on 2010 strategies I thought it would be valuable to share the common trends I’m seeing as a snapshot of what large enterprises are doing with Virtualization and Cloud Computing.

Keep in mind that my clients cover a number of different business sectors, technology use cases, as well as technology adoption profiles.  Across all the business units and groups that I work with, nearly the full range of technology adoption categories are represented:  from early adopters to late majority.

Painting with a broad brush, here are the general trends that I’m seeing for the year ahead.  I’m interested in hearing from my readers on what they are seeing.  Please leave a comment and let me know!

Do More With Less…again

While economists and pundits alike claim the recession is over, I’m seeing the general attitude of doing more with less continue within Enterprises.  Part of this can be brought back to some groups leveraging the recession to invest in the future and work on game changing projects.  Some of this tends to be more cost cutting constraints where the cutting could be debated as being well past the muscle.  I’m even seeing a few groups adding in new key objectives for the year on top of the the ones they had previously agreed to, thus adding more work on the current staff levels.

IT As a Service

This has been one of the most talked about strategic initiatives for IT for over a decade now.  While the idea has had numerous names over the years, I’m seeing consistently more and more organizations moving their IT thinking to be more service based.  Rather than planning on a project by project basis, it’s about leveraging and maximizing the utilization of your infrastructure across all projects.  The logical out spinning of this is measuring and monitoring your capacity to stay ahead of demand.  IT organizations are either actively moving toward a services based approach or adapting their plans to start moving this way.  The biggest laggard in this area would be the financial systems to charge back IT services to the business units, but most IT organizations is not letting that hold them back — they just plan on adding that charge in when the financial systems catch up.   The side affect of this is the IT staff, those with an eye to the future are adapting their skill sets, those who aren’t will be wondering what happened when their jobs go away.

Private Clouds

While IT as a Service is not the same as Cloud Computing, there are many similarities.  Most of my clients are actively working on building Private Cloud environments where the end users are not just sharing all infrastructure as a service but are completely abstracted from the IT organization managing the infrastructure.  Users buy their VMs from a service catalog, get their VMs configured and deployed automatically and then get a bill with usage details every month.  When they don’t need their VM anymore, they click the delete button and watch their bill go down.  IT is moving to just configuring infrastructure and abstraction management tools and monitoring usage and planning for expansion.  The furthest along with this have gotten their with a small number of existing IT architects and engineers and will have an environment that can grow quickly with no additional head count needs.

Desktop Virtualization Foundations

Make no doubt about it; 2010 is the year that the foundation for desktop virtualization will be firmly cemented into IT.  The risk mitigation (keeping desktop data in the data center), time savings (quick deployment and updating times) and flexibility (re-use of physical office space for shift workers with each having their own desktop) of virtual desktops are understood and now being leveraged in pilot applications.  Once this genie is out of the bottle, desktop users will be wanting more.

The side affects of this include the eventual destruction of old dekstop oriented service vendors and the rise of new virtual desktop solution providers.  I don’t think the enterprise is ready for desktops in the cloud run by a 3rd party, but a few of my clients have been asking about putting desktops in their private cloud.

Cracks in the Towers

Another side effect of desktop virtualization is clear cracks forming in the various IT towers.  The knee jerk reaction I saw last year to desktop virtualization was the data center folks say “I’m not managing dekstops!”.  While moving desktops into the data center doesn’t shuffle the cards of responsibility for the different towers (the desktop team will still be supporting the desktops), it does force these towers to work together more than they have before.  Server teams talking to desktop teams.  Desktop teams talking to storage teams. All these teams talking to the networking teams.  The philosophies of “this is our domain and these are the rules you have to follow” are being softened by the stones being thrown at it from virtualization. Desktops in the data center requires everyone to think outside their normal boxes and understand the end users’ needs are changing.

Data Center Virtualization: Narrower and Deeper

As data center virtualization has continued on it’s march, it has resulted in the physical infrastructure options within the data center to narrow.  By standardizing on a smaller number of physical options within the data center, virtualize becomes less complex and automation becomes easier.  At the same time, the use cases for virtualization continue to get deeper.  Virtualization first policies are forcing all business units to run everything in a VM.

A side effect of these aspects of virtualization’s success is that CIOs are now looking at other areas of expense and driving for consolidation there as well: software, services, even real estate.

Migration to ESXi

VMware has been stating for a number of years now that ESXi (a thin hypervisor with API only access for automated management and a much smaller security attack surface) is the wave of the future. IT organizations have finally realized that VMware wasn’t kidding.  With only two weeks into the new year, I have seen more requests to discuss ESXi that I did all last year.  And with the automation and stateless aspects of ESXi that were talked about at VMworld 2009, I expect this area of activity to only pick up.

After finishing up a busy end of 2009, it’s time to catch up on some over due blog posts.

Recently, one of my clients discovered that SRM 4.0 has an issue editing the /etc/hosts file during DR failover of Linux VMs.  The result of the issue was the /etc/host file not being edited with the updated localhost entry as part of the failover process.

Good news is that the issue has been correct and should be rolled into the next point release of SRM.  If you are using SRM for Linux VM DR, keep watch for this update.