virtualization.info Editors

One hour before starting a joint webcast with Citrix about its new virtualization strategy for desktops, Microsoft briefly announces a number of new initiatives, upcoming technologies and licensing changes.

About hosted desktop virtualization:

• The Windows XP SP3 virtual machine that can be run on Windows 7 Virtual PC, called XP Mode, will no longer require hardware virtualization to be executed.
  This is probably the best way Microsoft found to solve the problems that Sony created to many customers with its shortsighted strategy.

  The new version is available now as a hotfix.

About bare-metal server virtualization:

• Windows Server 2008 R2 Service Pack 1 will introduce a memory overcommit technique for Hyper-V R2 called Dynamic Memory.
  The news leaked at the beginning of February.

Read more

In perfect sync with the release of Citrix XenApp 6.0, VMware announces ThinApp 4.5, the application virtualization platform that acquired from Thinstall in January 2008.

After the acquisition VMware released only one major update for ThinApp: version 4.0, in July 2008.

Version 4.5 (238809) released today introduces a number of new features that the former CEO of Thinstall, Jonathan Clark, discusses in details on the corporate blog. The list includes:

• Support for Windows 7 and Windows Server 2008 R2
  Existing packages can be upgraded through a new Relink utility. Need to rebuild or repackage applications.
• Support for MSI packages larger than 2GB without requiring multiple CAB files

Read more

The popular security firm Core Security yesterday disclosed a serious security vulnerability found in all Microsoft hosted virtualization products, including Virtual Server 2005, Virtual PC 2007 (with and without SP1) and Windows 7 Virtual PC.

While Core Security is using the “hypervisor” terminology, this bug doesn’t affect any bare-metal virtualization platform Microsoft has, including Hyper-V and Hyper-V R2.

The vulnerability affects the virtual machine monitor (VMM) memory management.
It makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system. By leveraging this vulnerability it is possible to bypass security mechanisms of the operating system such as Data Execution Prevention (DEP), Safe Structured Error Handling (SafeSEH) and Address Space Layout Randomization (ASLR) designed to prevent exploitation of security bugs in applications running on Windows operation systems.

Read more

Earlier this week, CA announced its support for Oracle/Sun Solaris Containers (aka Zones) OS virtualization technology in a number of products:

• Spectrum Infrastructure Manager
• eHealth Performance Manager
• Spectrum Service Assurance
• Spectrum Automation Manager

CA calls then its virtualization management platform but the technologies above primarily support physical servers and over time added support for VMware ESX and now Solaris Containers.

Read more

Earlier this week, Citrix published an interesting article about average bandwidth consumption for different XenDesktop 4.0 remote sessions.

While the purpose of that post was to promote its Branch Repeater technology, which may or may not be interesting for you, the provided graph is valuable as a reference for VDI planning:

Read more

Yesterday Intel launched its new quad-core/hexa-core Xeon 5600 CPU series (codename Westmere).

The always amazing AnandTech already published an extensive review, including some very interesting benchmarks, measured on VMware vSphere and Microsoft Hyper-V with VMmark and vApus Mark I frameworks.

First of all, some of the new processors have six cores,: X5650, X5660, X5670 and X5680, as well as the L5638, L5640 and the E5645. Additionally, the new silicon supports up to 288GB DDR3 RAM @ 1066Mhz.
This obviously helps to increase the VMs / core density in virtualization hosts, assuming there are no additional bottlenecks.

More importantly, Westmere CPUs decrease latency of VMs and the hypervisor transitions (VMexit) by 12% compared to Xeon 5500 (codename Nehalem) CPUs, and 50% compared to Xeon 5400 (codename Penryn) CPUs:

Read more

April 21, 2010 I’ll be at the Catalyst 2010 conference in Prague, hosted by Burton Group (recently acquired by Gartner), presenting a lecture titled Securing the Internal Cloud.

2010 is considered the year of cloud computing. Vendors like VMware, Citrix, Red Hat and Microsoft are releasing new solutions that turn virtualization platforms into Infrastructure-as-a-Service (IaaS) clouds.
There are new parts of the equation: side-by-side with the hypervisor and the management layer, there’s automation, billing, self-service provisioning, service catalogs, application SLAs, multi-tenancy and more.
Across the globe, customers are looking at this offering and evaluating the conversion of their data centers in private clouds, and security is one of the first aspects that should be assessed.

How do the new elements of a private cloud impact security?

In this session, we’ll explore the differences between a virtual infrastructure and a private cloud, trying to figure out if and how they extend the data center attack surface, and what can be done to handle any new threat that IaaS architectures introduces.

Read more

Citrix launches today the public beta of XenServer 5.6, which is released as open source since February, and Essentials for XenServer 5.6.

The list of new features includes:

• Dynamic Memory Control (DMC)
  This feature can increase the number of VMs per host by permitting the memory utilization of existing VMs to be compressed so that additional VMs can boot on the host. 
• Automated Workload Balancing & Power Management
  Workload balancing (WLB) offers the ability to reduce power consumption by consolidating workloads on the smallest number of hosts and powering off unused hosts.
  Power Management features include support for wake-on-LAN and vendor-specific implementations from HP, Dell, and others. WLB configuration now includes the option to exclude specific hosts from WLB algorithms.

Read more

For a long time Microsoft decided to not enter the VDI market, leaving the competition with VMware to its trusted partner Citrix.
Over time, the strategy slightly changed: in January 2008 the company acquired the startup Calista, and in July 2009 it released its first connection broker as part of Windows Server 2008 R2.

Considering its position in the industry, virtualization.info speculated that Microsoft is just waiting for the right moment to enter the VDI space in a serious way.

Now several parts reports that this week Microsoft will make its move, by lowering the VDI cost with a more friendly license and by making VDI more powerful, with the merge of Calista technologies in the RDP code.

Read more

VMware just closed an OEM agreement with Likewise to embed its technology in future versions of vSphere.

Likewise is a US company that offers several products for enterprise authentication. The most popular is simply called Open and it’s available free of charge as open source (GPL and LGPL licenses).
Likewise Open uses Pluggable Authentication Modules (PAM) and Name Service Switch (NSS) to authenticate non-Windows machines to Windows domains.
It supports Kerberos. NTLM and SPNEGO authentication. It also offers single sign-on for SSH services.

This partnership will allow Microsoft Active Directory users to seamlessly log-in on ESX/ESXi hosts.

virtualization.info received unconfirmed tips that this feature may appear within vSphere 4.1, currently in private beta.