Breaking Through the Virtual Glass Ceiling

"Virtualization...all the cool, smart kids are doing it!" Or at least in other words the message being pushed by the virtualization vendors. Usually this is a true statement. There are plenty of market studies that show that more than three quarters of medium to large enterprises are leveraging server virtualization technologies of some kind. What is not evident in that statement is that for most enterprises, their overall use of the innovation is not as widespread as is implied by the statement. For many organizations, virtualization utilization is in its infancy or not a material percentage of the overall IT infrastructure.

Even with the exponential growth of virtualization usage over the last few years, the majority of applications have been based on simple consolidation ROI and used primarily in areas of low risk. Recently the term "VM Stall" has been thrown out along with some innovation that identifies some of the top reasons why organizations have at first deployed virtualization at a high rate but at the time significantly slowed that pace down - a virtual "glass ceiling" built on a number of common factors. The good news is that all of these concerns are addressable, and organizations can continue deploying virtualization and reap not only the simple consolidation ROI, nevertheless also start moving toward the operational efficiencies promised by utility or cloud computing. The following sections will outline some of the most common areas of concern and provide some guidance on how organizations can break through that ceiling and achieve their virtualization goals.

The brakes on virtualization deployments

Cloud ConfusionCloud computing must take some responsibility for putting the brakes on virtualization deployments. For over a year but, VMware has transitioned their marketing towards "cloud." Every ecosystem software vendor has followed suit with some angle on how their software enables cloud. The problem is that companies that are not sophisticated virtualization users are getting confusing and at times conflicting messages not just about what cloud is, nevertheless how it can be used. The result of this is that some CIOs are pausing and looking at their virtualization efforts and at that time attempting to reconcile cloud. Do I even need cloud? When? Do my current virtualization plans conflict with or complement a cloud future? These are all valid questions that unfortunately end with answers like, "It depends." This in itself is not a bad idea, yet because of the mixed messages around cloud, making an informed decision can be complicated. My suggestion for organizations that are stuck in cloud confusion: Move forward and keep virtualizing! There are enough benefits to virtualization technologies that warrant moving forward, and based on the road maps of the major hypervisor vendors, the ability to leverage cloud from existing virtualization deployments will be a key feature of each vendor's solution.

Security ConcernsAnother key issue that prevents some applications from being deployed in virtual environments revolves around security and compliance. Applications just as health care and financial transactions that fall in accordance with regulatory control of HIPAA or PCI have been the ones most impacted by these concerns. Partially this is due to a lack of specific requirements or ambiguous language in the documentation. The PCI Council has addressed the virtualization concerns in their latest release of the DSS [1] and in its accompanying guidance document,[2] which exactly clarifies that use of virtualization is not expressly excluded from PCI environments. There is as well concern over virtualization being "different." Although it's true that virtualization is a new layer in the IT stack, all of the traditional security domains apply. Actions like Access Control, Network Inspection, Segmentation, and Separation of Duty are all required in the virtual datacenter. For some items, existing security measures and software will suffice. Just in case, as virtualization has matured, the hypervisor vendors as then as the ecosystem have begun to offer solutions to address these areas with specific attention to the virtual domain. Although virtualization is somewhat different, it's not new security practices that need to be performed, it's new approaches to the same practices that may require virtualization-specific software and staff knowledgeable enough in both virtualization and the security domains to be able to apply the security concepts appropriately.

The list of concerns that slow down adoption

Staffing IssuesThe staffing issue is then in the list of concerns that slow down adoption. It's not just in the security area that a specific virtualization skill set is needed. For many enterprises, virtualization knowledge is held within a small team. This team is independent of the other traditional data center groups of infrastructure, security, storage and software applications. Now virtualization is in a class by itself in that the domain crosses all of those groups. The typical scenario is that although an enterprise has been successfully growing the virtual environment, the team may not be keeping pace. At some point the team will start to lose their ability to manage the environment to its fullest, which can manifest itself in a non-performing environment or a reluctance of the team to take on more applications; both slowing and stopping growth. A solution to preventing the situation is first to fully accept that successful virtualization requires a much greater cooperation between what were traditionally siloed research groups. Something in other words easier said than done, yet an absolute necessity. This allows for shared responsibility and distribution of the management of portions of the virtual domain to groups better positioned to own these technologies. This will cause a trend toward the virtualization team becoming more architects and conductors of the virtual environment, during the day-to-day management is broken down into the sub-domain experts.

There is strong evidence that enterprises reach a level of virtualization deployment that causes the process to slow down, and that cloud confusion, security and compliance, enterprise/staff maturity, and manageability are top on many CIO's minds. Virtualization and cloud computing are a paradigm shift. With that shift lies the commonality in all of the suggestions above, a change in approach and thinking for how datacenters are managed, that will enable organizations break through the virtualization glass ceiling.

Mike Wronski is Vice President of Product Management for Reflex Systems. He brings more than 15 years of industry experience to his role as VP of Product Management for Reflex Systems. Mike's broad IT experience, ranging from large carrier data networking to virtualization stems from earlier held senior roles at Starent Networks(nevertheless part of Cisco), Cambia Networks, 3Com and USRobotics. Wronski holds a CISSP and Certified Ethical Hacker certifications, as so then as an MBA, and a Bachelor of Science degree in Computer Engineering from Florida International University.