Product Test and Buyer's GuideProduct Test and Buyer's Guide, 09/25/07By Tom Henderson1. How are versions of virtual-machine snapshots of images tracked? The 'snapshots' of images (including virtual-machine guest-operating-system states) must be tracked in terms of where they sit on the network, how they are being used and their appropriate fix and patch status. A popular use of virtual-machine technology is wrapping guest operating systems (with applications) into ISO or other mountable images that subsequently can be deployed in arrays of servers as virtual guests.
It can be critically important to make sure the images contain dependency modules and patches and fixes, and are otherwise in revision synchronization with each other, as well as with corporate-update policy. 2. How are moves, adds and changes administered? Virtualization implies mobility for hosts, guest operating systems and the applications that run on them. Because virtual machines are built to house numerous guest operating systems per host, moves, adds and changes will occur to guest operating-system or application instances. Keeping track of these developments is necessary, as is tracking host or neighboring-guest resource use and performance. Although each virtual-machine product vendor tracks performance and keeps statistics for location and performance control, heterogeneous guest hosts coupled to volatile guest operating systems and applications can present challenges to administrators auditing guests, applications and behavior. 3. How are virtual-machine and application dependencies kept in check? One of the benefits of a virtual machine environment is an agility that lets virtual-machine-supported applications be moved from one host hardware platform to another. To facilitate this movement, IT administrators will need to understand application availability on moved instances and on the dependency synchronization that is required among related processes. An example of these dependencies might be world-facing Web hosts that need back-end database accessibility; move one, and DNS, routing, and/or authentication settings may need to be changed. 4. How are user and administrative roles managed across virtual machines? As virtual-machine guest operating systems and applications become abstracted from specific hardware environments, image identity and secure authentication become very important. Administrative controls are needed from the point of building virtual-machine components through to making configuration changes, tweaking tuning parameters and accessing the virtual-machine infrastructure. Virtual machines can be moved readily from hosts to other virtualized hosts with ease. To stop image theft, alteration- and system-configuration-auditing controls come into play. Most organizations use hierarchical management policies to provide varying degrees of administrative control over hardware, virtual machines, guest operating systems and the applications running on servers. These varied types of access must be managed and an audit system put in place to track all activity. 5. What forensics is available to help determine why a virtual machine went down? Any time a virtual machine, guest operating system or virtual-machine-hosted application behaves badly, it becomes important for IT not only to know about the event, but also to understand the forensic information about the conditions leading up to the misbehavior. Location, settings, guest-operating-system and application activity, and other characteristics may play an important part in providing a quality feedback loop for forensics and decision support, as well as for help-desk control and audit purposes. To read more about our testing of virtual-machine management tools, please click here. |
Contact the author: BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment