Getting Ready for Virtualization

By Stephanie Jordan
in

It is generally accepted that interest in virtualization will continue to grow in 2009. With many organizations considering or implementing the first stage of virtualization in the data center, it is a natural outgrowth that other areas will follow. When Osterman Research, Inc. conducted its Messaging Virtualization Market Trends, 2008–2011 research, it found reducing costs and improving disaster recovery/ business continuity were the primary reasons for deploying messaging virtualization. According to the report, “Other important reasons to deploy virtualization, cited by roughly three in five organizations as a driver or major driver, are optimizing the IT infrastructure, to make it easier to add additional capacity to existing services and to reduce the cost of IT labor.”

How fast this adoption takes place is hard to predict, as the Osterman report notes only 34 percent of those decision makers polled had a modest understanding of how virtualization could be used for email server applications. The report also states, “nearly two-thirds of IT decision-makers are no more than modestly aware of the existence of commercial or open-source virtual appliances for messaging functions.”

Is Virtualization Right?

The promise of virtualization is making headlines everywhere. But as with any new implementation, a careful planning process should take place beforehand. Prior to an organization virtualizing its data center, Tripwire, Inc. in its paper, Secure Virtualization: Achieve and Maintain IT Security in Virtual Environments, notes there is tremendous benefit to virtualization, but stresses that organizations need to be prepared. The company offers three questions that should be addressed before virtualizing:

  1. Can the organization ensure that each virtual machine is appropriately configured and tested, and that it can support those virtual machines within its computing environment?
  2. Does the organization have a plan for assessing, monitoring and reporting on the state of its physical and virtual systems?
  3. 3. How will it track the deployment and compliance of new virtual machines?

Tripwire comments, “The one thing that virtualization experts and analysts agree on is that without solid best practices and management tools that include configuration audit and control, the huge savings and convenience that initially lure a company to virtualize can just as easily turn into a network and data security nightmare. After all, these virtual servers are indeed servers, with the same needs for updated security patches, access controls for only those that need it, and adherence to all the same policies companies apply when managing and controlling their physical systems. In fact, because virtual servers can spin up in mere minutes, but vaporize in an instant, they present some additional challenges and security holes that physical servers don’t. Organizations that don’t protect their virtual servers with the same diligence as they do their physical servers may be at risk of serious consequences—calming upset customers, paying fines for improper data handling, losing productivity and income when customer-facing and business-critical applications go down—the list goes on.”

In the current economic environment, IT dollars are becoming increasingly precious. As a result, even more good planning and research than before (if that seems possible) is critical.

Published January 16, 2009