Hoff's take on VMware and VirtSec

Chris Hoff has done a terrific job of putting in perspective the role of VMsafe as a fundament of VMware's  ecosystem in the next few years. Incidentally, it helps clarify the impression I took away from VMworld 2008 that security was the "dog that didn't bark."

The importance of FastPath and SlowPath in VMsafe were evident from the outset. But, as Chris points out, VMware seems now encouraging a mini-ecosystem to be built around VMsafe.  As I think about it, starting with Paul Maritz' keynote, there was a clear message encouraging a community of partners to make major use of VMsafe.  These invitations were usually couched in terms like "encouraging partners to embrace and enhance VDC OS infrastructure management" and took on real weight for me when I took in the extraordinarily GOOD job Cisco did in architecting their Nexus 1000V offer.

Thanks, Hoff. Great insights.

Rational Survivability: VMWare's VirtSec Vision...Virtual Validation?

...  What this ultimately means to me is that within the next 24 months with the delivery of VI4, a mature VMsafe API and shipping ISV code, we'll see some of the natural market consolidation activity occur and VMware will lock and load, snap up one or more of the emerging security players in the VirtSec space and bolster their platform's security capabilities.

Meanwhile Cisco will help secure VMware further in the enterprise with their integrated play and the remaining security ecosystem players will begrudgingly fight to stay on the good side of the fence...while they hedge their bets by supporting Microsoft and Hyper-V. ...


Granpa Simpson's reaction ...

... to the overuse of the "cloud" theme.

Hat-tip to Dave Winer


McAllister on VDC OS

Short and thoughtful perspective by Neil McAllister regarding VMware's Virtual Data Center Operating Systems (VDC OS).  Pretty much sets the question.

VMware proposes a new kind of OS |Fatal Exception | Neil McAllister | InfoWorld

In some respects, VDC OS is merely the next rung on the VMware hype ladder. After all, if the press is predicting that OS vendors will put you out of business, preemptively proclaiming the death of the traditional OS is a decent tactic. If you look past the marketing, however, VDC OS is actually a fascinating concept. If VMware manages to achieve half of what it promises, it could have significant implications for application developers and customers alike.


What happens in Vegas ...

... doesn't stay in Vegas.  Between the editorial blogging, live-blogging and micro-blogging coming out of Las Vegas this past week, anyone with an RSS feed reader and a twitter habit was probably well informed.  I'm still trying to review the week's events and announcements in light of our company's product and business plans, not to mention the impact on the virtualization market ecosystem.  Heady stuff, because there was so much.

What seems undeniable:

Maritz and the VMware organization has proven their ability to retake some thought leadership and generate momentum.

What struck me:

The theme I noted most at VMworld 2007 a year ago was "security."  This year, it seemed noticeably absent.  My sense is that the industry has yet to catch up and capitalize on VMsafe. Because all of the "next generation" of offerings from VMware and the independent providers are still in development, no one made too much of security issues.

I heard and saw a lot of backup and DR.  Storage is big, and the converged I/O required to make it sing within the virtualized datacenter made a pretty significant showing at VMworld 2008.

I assume that it wasn't just my own interest in network technologies, but this was the show at which the networking of the virtualized datacenter really got its props.  VMware's distributed virtual switch and Cisco's Nexus 1000v are the two most apparent indicators.  And, there seems to be an appreciation for the importance and complexity of "getting the networks right." -- access networks and storage networks, but no mention of the VOIP nets... yet.

And then, there's "cloud computing."  The term itself is now close to useless, since there are so many takes on it.  That said, I've enjoyed the secondary effect of terminology like "cloud bursting" (spanning the enterprise datacenter and the to-the-public utility service in order to scale-out / scale-up in response to demand or need) or "cloud formation" (the level at which condensation occurs -- the requirements and resources encourage the formation / adoption of utility computing.)

I'll continue to mine the feeds and articles over the next week or so to see what resonates and see if I can't also tease out some early indicators.


The fog around Cisco's announcement starts to dissipate

I made it to Las Vegas and VMworld, despite delays.  On firing up the browser, I see that the contents in Hoff's schwag bag, includes a flyer entitled "Introducing Cisco's Virtual Switch for VMware ESX."  He's set out a few more of the questions we're all asking ourselves.  Should be a fun couple of days here in Vegas.

Rational Survivability

I have dozens of questions like: I wonder how much of the Nexus (7000 series)/IOS-XE code cross-pollinates over (if any) to this solution and if we'll see capabilities such as STP/PVST+/Private VLANs, HSRP, Multicast, etc. make their way into Cisco's vSwitch.

Further, as Ed Haletky and I unofficially bet over drinks this evening, I wonder if it will be a direct replacement for VMware's at-boot loadable module or it will co-exist? I bet the former. ;)

In addition to the "cSwitch," there are a couple of sessions I am very, very interested in attending given my exposure to VFrame and some Cisco engineers/architects at last year's show:

Simplify VMotion with Virtual Machine–Aware Network and Storage Services
See how network and storage services can be linked to a virtual machine so they move with VMotion events.

ESX Server in a Unified Fabric Environment
See how ESX Server works in a unified fabric environment with ESX 3.5 U2, Emulex Converged Network Adaptors, and the Cisco Nexus 5000.

VFrame: Enriching ESX Deployment with End-to-End Orchestration
Cisco’s VFrame DC 1.2 provides an easy-to-use template-based provisioning approach for rapid, repeatable, and compliant provisioning of ESX Servers. Through a rich set of networking and storage orchestration capabilities, it reduces the time required to bring up ESX clusters while providing operational scalability to manage large clusters effectively.