For all the savings and flexibility that server virtualization offers companies, maintaining network connectivity for virtualized environments can be a burden for IT operations.
"A [virtual machine] operating system and application can only be migrated to servers with appropriate network and SAN connections configured," said William Terrill, associate research analyst with Info-Tech Research Group. "This means setting a generic VLAN or zone for use by all servers in a cluster. If a virtualized application moves outside this group, the network infrastructure doesn't follow."
But network and security settings can't be too generic, or security will be weakened and network performance will suffer.
Terrill said many data centers solve this problem by setting up clusters of physical servers for similar applications that require comparable security and network settings. Companies will set up these slightly generic clusters, but as application demand grows, clusters will run out of capacity. This forces time-consuming manual reconfigurations.
"A lot of the companies we're dealing with right now that have gone the virtualization route are finding for every dollar they're saving on the [capital expense] side by moving into virtualization, they're basically losing a dollar on the operational side as these virtualized environments get moved around or have to change between network segments or locations," said Ken Ferderer, CTO of LineSider Technologies, maker of OverDrive, a policy-driven network infrastructure control and management server. "The actual act of having to go back and reconstruct all that network connectivity from all your users to the IP address that just changed is just tearing IT organizations apart at an operational level.
Steve Schuchart, principal analyst for enterprise network systems at Current Analysis, said the dollar-to-dollar ratio Ferderer described was an overstatement. But Schuchart agreed that IT organizations are facing labor issues on the networking side of virtualization.
The problem is more of an automation issue than anything, he said. Companies are trying to achieve the "utopian" state of the utility data center where IT has pools of network, servers and storage resources that can be allocated on the fly. "[Automation] software should automatically allocate more bandwidth, more processing power and create more virtual machines to handle the load," Schuchart said. "But we're in the very, very early stages right now. This technology is all baby right now."
Terrill predicted that 2008 will be the year when networking and network management vendors bring products to market to deal with this issue.
Last week, 3Com announced the addition of LineSider's OverDrive to its MSR Series Multi-Service Router platform. MSR routers integrate applications into the network infrastructure in an effort to simplify operations.
With OverDrive, an organization can create policies that direct the system to configure all relevant services required to support that policy, according to LineSider CEO Harley Stowell. "So you can have a single rule coming into the infrastructure service environment, and then routing, firewall, switching and VPN connections are all automated at the same time in response to a single request or policy," he said. "By virtualizing the network to our policies, we allow you to get that virtual machine's IP address changed, to make one single change at the policy level within our technology and then OverDrive will take that change and drive it down to all the existing connectivity and re-establish it to the new IP address."
Last summer, Cisco announced VFrame Data Center, an infrastructure management platform that allocates virtual server, networking and storage resources. VFrame is still in the early stages of adoption among enterprises, according to Cisco. With this new platform, Cisco is asking companies to accept a new way of architecting the data center with the network as the nexus point.
Schuchart doesn't see IT organizations accepting this philosophy: "I don't think the server guys and the applications guys are going to look at the network and say, 'You ought to be in control,' " he said. "They're looking at the network to help them and they're looking to the network to automate some servers, but they're not looking for the network to be the grand orchestrater."
The market will be seeing a tug-of-war between vendors who handle automation and orchestration, Schuchart said.
"I know I'm sounding vague about this, and the reason is because this market is a mess," he said. "No one knows what [should be] the center of the data center. Who runs the data center? Cisco says it should be the network. VMware says it should be VMware. IBM says it should be their products. CA will say it should be Unicenter. So companies will provide bits and pieces to hold it together while the market tries to sort itself out."