Whitepaper: Virtual Machine Security Guidelines

The Center for Internet Security (CIS), a popular neutral entity that develops security guidelines and benchmarks for operating systems and security products, has just released the first edition of its guide for virtualization environments, Virtual Machines Security Guidelines.

The 30-page whitepaper details a list of possible threats to virtual machines and a series of common-sense security measures to apply to guest operating systems.

This list doesn’t detail hardening of each OS since other CIS documents already cover these topics extensively. If hardening procedures are already enforced, this document doesn’t add any extra layer of security.

The guide doesn’t even cover hypervisor hardening, which is the truly critical part to protect. CIS plans to release an addendum just for VMware ESX Server.

Read the whole whitepaper at the source.

VMware certifies Hitachi Universal Storage Platform and Network Storage Controller

Quoting from the Hitachi Data Systems official announcement:

Hitachi Data Systems Corporation, a wholly owned subsidiary of Hitachi, Ltd., today announced that it has obtained certification under VMware’s new external storage virtualization hardware certification program. The Hitachi Universal Storage Platform and Network Storage Controller systems are now certified with VMware Infrastructure 3 as part of the new program…

IBM reveals virtualization hardware appliance

The long-rumored servers with pre-loaded hypervisors are finally unveiled. The first company to announce one is IBM:

IBM previewed today the fourth generation of its chipset technology, X4, to be available in a high-end, scalable server leveraging the latest in quad-core processing technology from Intel. The System x3950 M2 server will debut a new embedded hypervisor capability, enabling clients to easily deploy virtualized server applications right out of the box.

The new system will be ready for virtualization right out of the box by eliminating software setup and installation time. An internal USB interface will accommodate chip-based or “embedded” virtualization software preloaded on a 4GB USB flash storage device.

The new system offers double the memory slot capacity. Four times the amount of memory can be hosted on a single chassis compared to the previous system, enabling more virtualization workloads…

Citrix/XenSource is the first company to announce support for this new class of servers, with its just-announced XenExpress 4.0 OEM Edition. VMware is expected to follow by announcing ESX Server 3.5i at VMworld next week.

Citrix/XenSource beats VMware to it: announces hypervisor OEM edition

Last month virtualization.info unveiled that VMware is about to announce a new version of its flagship product ESX Server just for OEMs. Dell, IBM, HP and others are working with VMware to deliver hardware appliances with the hypervisor pre-installed on Solid State Disks (SSD).

That announcement is expected next week, when VMware will open its VMworld conference in San Francisco, but the new virtualization giant Citrix/XenSource has beaten VMware to it:

XenSource, Inc., the leading provider of enterprise-class virtualization solutions based on the high-performance open source Xen hypervisor, today announced XenExpress OEM Edition, a new embedded virtualization platform targeted at server vendors and other original equipment manufacturers (OEMs).

XenExpress OEM Edition enables OEMs to include a full virtualization platform as an integrated component of every server, pre-installed in system flash or on the hard disk.

The new product enables the server to boot with multiple BIOS partitions at system power-on, making it ready to install and manage virtual machines. XenExpress OEM Edition offers flexible management interfaces, and full interoperability with both the Microsoft and VMware virtual machine formats.

XenExpress OEM Edition is fully compatible and upgradeable to the new advanced management features in XenSource’s flagship virtual infrastructure product, XenEnterprise v4.

XenExpress OEM Edition will also provide future support for migration to the virtualization capabilities in Microsoft Windows Server 2008.

XenExpress OEM Edition is available today to OEMs who wish to integrate the product into their solutions…

Hardware appliances for virtualization will easily become the most important selling point for SMBs. And it’s likely that every virtualization vendor, including Microsoft, will offer its hypervisor in an OEM version in the near future.

If VMware counted on this option to conquer the SMB market (besides aggressive discounts), it may have a harder time than expected.

VMware publishes VMmark benchmarks performed on Dell, HP machines

After more than a year of development, VMware finally launched its benchmarking solution for virtualization platforms, VMmark 1.0, in July.

Now, two months later, the company is ready to publish the results VMmark returned on a wide range of systems, from quad-core to 16-core, produced by Dell and HP.

The results are very interesting and worth a deep analysis of the configuration details and tile performance.

Despite that, they are still far from being really useful without terms of comparison and broad acceptance from other virtualization vendors.

Vizioncore revamps its product line integrating Invirtus offering

Vizioncore and Invirtus are both virtualization companies controlled by Quest, which has so far remained in stealth mode in the virtualization market.

This behaviour has been slightly changing since July, when Quest started shaping its company strategy by allowing Vizioncore to resell Invirtus products under its own brand.

Surprisingly enough, Vizioncore not only completed the integration but also revamped its own product line, dropping popular names like esxRanger and esxReplicator.

The result is a brand-new and articulated offering which addresses several virtualization challenges:

  • vRanger Pro (formerly esxRanger Professional)
    Provides image-level hot backups of either entire virtual machines or differentials – simply and easily while virtual machines continue running
  • vCharter (formerly esxCharter)
    Provides a top-down view of performance for the entire virtual infrastructure in a drill-down display that shows each level – beginning with the container and then through to the host level as well as all virtual machines
  • vReplicator (formerly esxReplicator)
    Supports replication of entire virtual machines including configuration settings, OS patches and the application itself as well as the data and all other OS-level changes
  • vMigrator (formerly esxMigrator)
    Migrates virtual machines to new platforms while keeping the source virtual machines intact and unmodified, allowing them to be used even as the virtual machines are ported to new production servers
  • vOptimizer (formerly Invirtus VM Optimizer)
    Reduces a virtual machine’s virtual hard drive to the smallest size possible and optimizes guest operating systems for maximum performance and portability
  • vConverter (formerly Invirtus Enterprise VM Converter)
    Significantly reduces the time and effort spent converting physical and virtual servers to VMware, Microsoft or Virtual Iron virtual machines
  • vPackager (formerly Invirtus Libra)
    Provides a virtualization collaboration solution via virtual appliances by extending and optimizing the use of VMware Snapshot and Microsoft Differencing Disk technologies.
  • vEssentials (formerly esxEssentials)
    A powerful bundle package consisting of vRanger, vReplicator and vCharter for organizations looking to enhance disaster recovery and simplify the overall management of virtual infrastructures.

It’s now very likely that Vizioncore’s next step will be integrating these products into a single virtualization suite, competing even more directly against PlateSpin.

InovaWave announces optimization tool for VMware ESX Server

InovaWave is ready to bring its optimization technology, known as DXtreme, to VMware ESX Server.

This version, which will be available as beta later this month, features:

  • Intelligent Optimization Engine
    Improves utilization of hardware resources by leveraging core intelligent, adaptive and predictive optimization engine.
  • Resource Prioritization
    Ensures optimal performance by dynamically allocating virtual I/O paths for hosted virtual machines.
  • Resource Utilization
    Optimizes disk I/O operations by intelligently utilizing CPU and memory resources for more balanced and effective resource utilization.
  • Targeted Optimization
    Enables organizations to designate which virtual machines to optimize on each host server to ensure alignment with overall performance goals.
  • Full VI3 Support
    Fully supports VMware Infrastructure 3 (VI3) environments, including High Availability (HA), Distributed Resource Scheduler (DRS), VMotion and Consolidated Backup (VCB).
  • Comprehensive Storage Support
    Optimization capabilities support iSCSI, SAN, DAS, and NFS storage configurations.
  • Optimal Architecture
    Complements ESX Server and provides an easy-to-use, low overhead, seamless solution for optimizing ESX Server. In addition, VirtualOctane does not require modifications to the guest virtual machines and is operating system agnostic.

VirtualOctane was originally named DXtreme for ESX, and it was initially planned for Q1 2007, along with a version for Xen-based products. Under the new name, InovaWave now retargets the release for mid-October 2007.

BEA adapts software license to virtualization

Quoting from InternetNews:

If you run more application server instances, the thinking goes, you can do more work, applications can take on more loads, and so businesses derive more value from the enterprise software they’ve purchased. BEA argues that to have a pricing model tied to the underlying hardware and number of CPUs is no longer appropriate.

“For customers to stay with the CPU pricing model in virtualized data centers is restrictive. It’s difficult to take advantage of the flexibility of the virtualization platform and to account and track and plan for software costs,” says Pritchard.

The company is list pricing the solution at $13,000 per instance…

Read the whole article at the source.

While BEA finally moves towards virtualization, even if it only talks about a virtual appliance version, other major companies refuse to take the same step. Oracle is one of the worst.

Gartner predicts a mainstream hypervisor will suffer a serious vulnerability before the end of 2008

Quoting from InformationWeek:

In March, Gartner ignited the blogosphere by stating the obvious: Virtualization creates new attack opportunities.

Just how risk-exposed are we today? After all, in that same report Gartner predicted that a patch-worthy hypervisor vulnerability would be discovered in a mainstream product before the end of 2008. These potential vulnerabilities fall into two broad categories. First, if you can escape a client OS and move into a host OS, you have access to the data on all the other client operating systems on that machine. And there are whole new realms of rootkits being designed to take advantage of virtualization technology…

Read the whole article at the source.

The virtualization.info Virtualization Industry Prediction has been updated accordingly.

SunGard extends Availability Services support to VMware

Quoting from the SunGard official announcement:

SunGard Availability Services today announced it is now offering support of VMware® ESX Server 3.x and the distributed services that are part of VMware Infrastructure through its Operating System (OS) Management Service. With this enhancement, SunGard now provides full management of customers’ systems running in a virtualized environment on the VMware Infrastructure platform - a key milestone in the company’s ongoing virtualization initiative. The service includes a VMware VirtualCenter management server to monitor and manage a customer’s virtual machines, as well as complete monitoring, management and reporting of the physical servers.

The enhanced Operating System Management Service featuring support of VMware ESX Server and the distributed virtualization services that are part of VMware Infrastructure is available today.