Server virtualization standards may fix network management, security

By Tessa L. Parmenter 01 Sep 2009 | SearchNetworking.com

News on networking, mobility and voice Digg This!     StumbleUpon     Del.icio.us

Gene Ruth, Burton Group's senior storage analyst, raised these concerns while moderating a panel on "Reconciling Storage, Networking and Security in a Dynamic Datacenter" during Burton Group's recent Catalyst Conference. Many of the critical questions he posed to panelists remain unanswered: How do you secure a more open infrastructure? How do you manage the virtualized infrastructure? Where are network management tools for virtualization?

Networking for server virtualization Server, storage virtualization cause network problems Server virtualization burdens network configuration Data center network consolidation reduces costs Video: Networking considerations for virtualizing SMBs

Resolving server virtualization security
If you want to make your virtual machines (VMs) more secure, you may have to take away their flexibility. Bret Hartman, CTO at RSA, the security division of EMC Corporation, believes limiting the mobility of VMs might allow organizations to gain scope of VM controls and enforce appropriate security measures.

More importantly, as a network opens up to include the cloud and virtualization, "we actually need more security, not less," Hartman said. "You just have to make consistent security because there's more places to enforce it."

What kind of security measures would you need to put in place? Enterprises could try encrypting at multiple layers of the stack; they could push identity into the network; or they could add multiple perimeters. The best approach isn't exactly clear, but it's safe to say it will be costly.

"If cost of security is a No. 1 concern [for your enterprise], then the cloud is probably not your answer," said Lin Nease, director of emerging technologies for ProCurve Networking by HP.

Network professionals managing virtual servers
Server virtualization blurs the lines that separates storage, network and security technologies, making it hard for IT departments to decide which sector controls what when deploying, managing and maintaining a dynamic data center. Many experts agree, however, that a virtualization deployment won't be successful without the right networking infrastructure in place.

"The networking people can't just do all their planning and deployment in a vacuum; they have to coordinate closely with the server people, the storage people and the security people because the networking is integral to those other systems," principal Burton Group analyst David Passmore said. "You just can't decompose the data center into a bunch of autonomous piece-parts. They really have to come together."

Vendors fixing server virutalization problems Virtual switches add server virtualization scalability Virtualization jumpstarts core network services business Cisco's Nexus switches unlock network performance bottlenecks Q&A: VMware CTO talks virtual server networking

Virtualization challenges network management, too, because network professionals have no visibility into virtual hardware. Some vendors are working to fix these problems. For example, SolarWinds and PacketTrap Networks introduced free virtualization management modules to their core products. Meanwhile, Cisco introduced its Nexus 1000v switch, and Arista Networks released its vEOS, two virtual network switches that work with VMware's infrastructure to give network managers better visibility into the network connections that occur virtually within a physical host. VMware CTO Stephen Herrod has even spoken about establishing new partnerships and creating new products to ease these issues -- but these are still in the making, and market choices are still slim.

Will standardization fix virtual server problems?
Many experts believe a harmonious virtual deployment could be achieved through the implementation of industry standards. However, network managers should be wary of vendors that try to push their own proprietary technology as potential industry standards.

"It's often the case that vendors who are early in a market try and set their own de facto standards and then force everybody else to play catch-up," Passmore said. "So that often leads to competing, incompatible standards."

He pointed to the debate over whether businesses should implement Fibre Channel over Ethernet (FCoE) or iSCSI for their virtualized data centers.

"What's driving this [debate] is the ability to use Ethernet for storage networking and use the same Ethernet LAN connections for storage as you would for all of your other traffic," Passmore said. "So you could get by with half the cabling, half the number of switch ports, half the number of server ports and really save a lot of money and have a lot of flexibility."

"To make that happen, it does require some standardization," he said. "In this example, where we have two competing standards -- like FCoE versus iSCSI -- it's not particularly clear which one is going to be the long-term survivor. Perhaps they will continue to co-exist for many, many years."

However, if vendors agreed on one standard, you could not only save money, but potentially work out appropriate security requirements or a network management solution that would give network professionals visibility into one form of virtual network infrastructure. But this requires a level of cooperation among vendors that they are not currently prepared for.

Alternate resolution could be gained, according to Passmore, through educating the IT departments involved in a virtual deployment.

"What you're trying to do is build a consensus on what's the appropriate direction going forward," he said. "At this point, a lot of it is simply education, where the networking people have to learn about data center storage systems and storage virtualization; and conversely, the storage people have to learn about different types of networking that they might use -- now including Ethernet, rather than just Fibre Channel. Before the people can decide on what to standardize, they all need to get educated as to the different choices out there."

Tags: Managing Virtual Relationships,  Server Virtualization,  Data Center Network Infrastructure,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Managing Virtual Relationships Virtualization certification guide for the networking pro New virtual server networking standards to offer network admins control Virtual switch standards: Let the fighting begin (again) What network managers need to know about virtualization planning Virtualization change and configuration management primer Green data center networks: Smarter architecture, not expensive devices Virtual network switches add scalability to server virtualization Virtualization Management at Interop; new focus for network managers Force10 launches new cloud computing, data center core switches Cisco unveils Unified Computing, merging servers, storage and networks Server Virtualization Vyatta 3500: Large enterprise 10 GbE router play with an open source twist Virtualization certification guide for the networking pro Virtualization change and configuration management primer Green data center networks: Smarter architecture, not expensive devices Server, storage virtualization is a network problem: Are you prepared? Virtualization: The next generation of application delivery challenges How server virtualization improves efficiency in a client-server model Data center virtualization can cut network costs but adds complexity VMware CTO talks virtual server networking at Interop F5 tackles virtualization with application delivery platform BIG-IP v10 Data Center Network Infrastructure Q&A: ProCurve CTO talks converged data centers, desktop virtualization Gigabit Ethernet backbone switch allows school to digitize classes Unified fabric: Data center bridging and FCoE implementation Unified data center fabric primer: FCoE and data center bridging 2010 predictions from some of the top networking industry analysts Data center networks in 2010: Two-tier networks arrive Out-of-band network management ensures data center network uptime 3Com acquisition confirms HP-Cisco battle for China Where's the Juniper unified fabric strategy? Still waiting FCoE network roadmap: Do you need a unified fabric strategy?

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary