Archive for the ‘Hypervisors’ Category

h1

Quick-Take: Google Turns to Zynamics after recent Malware Proof

March 2, 2011

With enterprises eyeing mobile “smart” phones and tablets as the next wave of technology to improve worker productivity, responsiveness and presence, the recent infiltration of trojan malware into Google’s Android Market is likely to go unnoticed. However, the ramifications appear to be crystal clear to Google as they responded by quickly snatching-up German reverse engineering firm Zynamics. In a blog post yesterday, Zynamics’ CEO Thomas Dullien – aka Halvar Flake – simply stated:

We’re pleased to announce that zynamics has been acquired by Google! If you’re an existing customer and do not receive our email announcement within the next 48 hours, please contact us at info@zynamics.com. All press inquiries should be sent to press@google.com.

There is still no official press release from Google on the matter, however SecurityWeek and other sources have stated that Google has indeed confirmed the acquisition. It is unlikely that the timing of this announcement is unrelated to the recent Android Market fiasco or the “rumoured” Apple iPad2 launch supposedly to take place today at 10:00 AM PST.

An estimated 50,000-200,000 users downloaded tainted apps from Google Market before the items were pulled-off the site. Of course, Apple is not without its share of  problems in iPad. There was a major breach in June, 2010 resulting in at least 114,000 compromised iPad users including then Obama White House Chief of Staff Rahm Emanuel.  However, in the iPad case the breach came as a result of a direct attack on iPad vulnerabilities where the Android compromise attacked a weakness in Google’s Market policies – essentially taking a “trusted back door” approach.

Meanwhile, VMware has been on the road promoting it’s mobile virtualization platform with partner LG. In a hands-on video at the 2011 Mobile World Congress taken by Engadget, the VMware mobile hypervisor can be seen fronting two phones within a phone. While this approach can help to secure corporate data from infiltration of the “consumer” side of the schizophrenic cell phone, it cannot protect the phone from OS vulnerabilities (like the iPad Safari weakness) or authorized deployment vectors (like Google’s Market infiltration.) To protect assets from these kind of attacks, the use of mobile anti-virus and anti-malware will be imperative.

SOLORI’s Take: VMware’s type II hypervisor does enable corporate policy enforcement that would bee too “draconian” for most users to co-exist with their personal or mixed-use phone or tablet . While no official word from VMware has been given on when their mobile hypervisor will make the leap from phone to tablet, it’s not a huge leap given the software has already been shown on the Nexus One and LG Optimus Black.

Given that the LG Optimus is based on TI’s Omap 3630 and the Nexus One incorporates the older Qualcomm Snapdragon chipset, and both are based on ARM Cortex-A8 CPU core found in many Android and Apple iOS devices, VMware’s offering appears to be very mature. Also, it is only a type II hypervisor so it should be no time until we see it running on more current, mainstream devices running ARM Cortex-A9 CPUs used in Nvidia Tegra2-based devices like LG Optimus 2X, Motorola Altrix/4G & Xoom or the rumoured Apple A5 chip “destined” for iPad2 and iPhone 5 or even the new TI Omap 4430 that power the like of the Blackberry Playbook.

Can a type II hypervisor quell corporate America’s security concerns about information leakage and IP theft? Given the right deployment model, tools and resources it represents a step in the right direction. The jury’s still out to see how wireless sharing, two separate data plans and two anti-malware threads affect run-time on platforms that threaten the delicate balance of usability and battery life…

h1

Quick Take: Red Hat and Microsoft Virtual Inter-Op

October 9, 2009

This week Red Hat and Microsoft announced support of certain of their OSes as guests in their respective hypervisor implementations: Kernel Virtual Machine (KVM) and Hyper-V, respectively. This comes on the heels of Red Hat’s Enterprise Server 5.4 announcement last month.

KVM is Red Hat’s new hypervisor that leverages the Linux kernel to accelerate support for hardware and capabilities. It was Red Hat and AMD that first demonstrated live migration between AMD and Intel-based hypervisors using KVM late last year – then somewhat of a “Holy Grail” of hypervisor feats. With nearly a year of improvements and integration into their Red Hat Enterprise Server and Fedora “free and open source” offerings, Red Hat is almost ready to strike-out in a commercially viable way.

Microsoft now officially supports the following Red Hat guest operating systems in Hyper-V:

Red Hat Enterprise Linux 5.2, 5.3 and 5.4

Red Hat likewise officially supports the following Microsoft quest operating systems in KVM:

Windows Server 2003, 2008 and 2008 R2

The goal of the announcement and associated agreements between Red Hat and Microsoft was to enable a fully supported virtualization infrastructure for enterprises with Red Hat and Microsoft assets. As such, Microsoft and Red Hat are committed to supporting their respective products whether the hypervisor environment is all Red Hat, all Hyper-V or totally heterogeneous – mixing Red Hat KVM and Microsoft Hyper-V as necessary.

“With this announcement, Red Hat and Microsoft are ensuring their customers can resolve any issues related to Microsoft Windows on Red Hat Enterprise Virtualization, and Red Hat Enterprise Linux operating on Microsoft Hyper-V, regardless of whether the problem is related to the operating system or the virtualization implementation.”

Red Hat press release, October 7, 2009

Many in the industry cite Red Hat’s adoption of KVM as a step backwards [from Xen] requiring the re-development of significant amount of support code. However, Red Hat’s use of libvirt as a common management API has allowed the change to happen much more rapidly that critics assumptions had allowed. At Red Hat Summit 2009, key Red Hat officials were keen to point out just how tasty their “dog food” is:

Tim Burke, Red Hat’s vice president of engineering, said that Red Hat already runs much of its own infrastructure, including mail servers and file servers, on KVM, and is working hard to promote KVM with key original equipment manufacturer partners and vendors.

And Red Hat CTO Brian Stevens pointed out in his Summit keynote that with KVM inside the Linux kernel, Red Hat customers will no longer have to choose which applications to virtualize; virtualization will be everywhere and the tools to manage applications will be the same as those used to manage virtualized guests.

Xen vs. KVM, by Pam Derringer, SearchDataCenter.com

For system integrators and virtual infrastructure practices, Red Hat’s play is creating opportunities for differentiation. With a focus on light-weight, high-performance, I/O-driven virtualization applications and no need to support years-old established processes that are dragging on Xen and VMware, KVM stands to leap-frog the competition in the short term.

SOLORI’s Take: This news is good for all Red Hat and Microsoft customers alike. Indeed, it shows that Microsoft realizes that its licenses are being sold into the enterprise whether or not they run on physical hardware. With 20+:1 consolidation ratios now common, that represents a 5:1 license to hardware sale for Microsoft, regardless of the hypervisor. With KVM’s demonstrated CPU agnostic migration capabilities, this opens the door to an even more diverse virtualization infrastructure than ever before.

On the Red Hat side, it demonstrates how rapidly Red Hat has matured its offering following the shift to KVM earlier this year. While KVM is new to Red Hat, it is not new to Linux or aggressive early adopters since being added to the Linux kernel as of 2.6.20 back in September of 2007. With support already in active projects like ConVirt (VM life cycle management), OpenNebula (cloud administration tools), Ganeti, and Enomaly’s Elastic Computing Platform, the game of catch-up for Red Hat and KVM is very likely to be a short one.

h1

Quick Take: Oracle, Sun and Virtual Iron Redux

July 6, 2009

In May, 2009, we presented a Quick Take on the acquisition of Virtual Iron – a company that developed and delivered Xen manager to alternative to Citrix. While Oracle has officially killed the “product” that was Virtual Iron, it has released a roadmap to its incorporation into Oracle’s own OracleVM product: a virtualization platform targeted at enterprises using Oracle products and offered for free (via support model.)

What does this mean for Virtual Iron subscribers? Last month, Oracle stopped providing new licenses for Virtual Iron and released Oracle VM 2.1.5, but Virtual Iron represented less that 1% of the virtualization market. According to Oracle’s Virtual Iron employees (reportedly about 15 in total) are expected to continue with the company – perhaps to shore-up Oracle’s VM Management Pack with the addition of Virtual Iron’ expertise.

While it is unclear when Virtual Iron additions will show-up in Oracle VM, it is clear that customers relying on Virtual Iron will either migrate to an improved Oracle VM or switch vendors altogether. It is also clear that with better virtualization management on the horizon for Oracle VM, Oracle will entrench itself behind Oracle VM for support of Oracle applications in virtual environments. While this makes sense, given the “free” status of Oracle VM and its close ties to Oracle support, it limits enterprise deployment options and cloud-based strategies for Oracle products.

SOLORI’s take: What does this mean for the rest of the market? Oracle’s acquisition or Sun and Virtual Iron show that chosing a virtualization suite from smaller players can be risky. Unless your solution is delivered by the open source leader, the enterprise virtualization leader or “embedded” in the leading server operating system, your solution is at risk in any future technology acquisition. Likewise, Oracle’s position clearly demonstrates a closed eco-system of applications and support: eschewing the general purpose hypervisor suite for a tailor-made application stack for Oracle-only products.

In our original Quick Take on the subject, we predicted that Oracle’s would concentrate on its self-sufficiency needs and show little interest in the “forward thinking” applications of VI-Center’s encorporation of Hyper-V and KVM. With the removal of Virtual Iron and Sun xVM from the market, the likelihood of a new virtualization technology hitting the market is about 0%. In 12 months time, we expect to see only three players in enterprise virtualization: VMware, Microsoft and Red Hat.

h1

Red Hat Enterprise Virtualization Strategy

June 26, 2009

Red Hat’s recently updated virtualization strategy has resulted in an “oversubscribed” beta program. The world leader in open source solutions swings a big stick with its kernel-based virtualization products. Some believe one of the keys to successful large scale cloud initiatives is an open source hypervisor, and with Xen going commercial, turning to the open source veteran Red Hat seems a logical move. You may recall that Red Hat – using KVM – was the first to demonstrate live migration between AMD and Intel hosts.

“We are very pleased by the welcome we have received from enterprise companies all over the world who are looking to adopt virtualization pervasively and value the benefits of our open source solutions. Our Beta program is oversubscribed. We are excited to be in a position to deliver a flexible, comprehensive and cost-effective virtualization portfolio in which products will share a consistent hardware and software certification portfolio. We are in a unique position to deliver a comprehensive portfolio of virtualization solutions, ranging from a standalone hypervisor to a virtualized operating system to a comprehensive virtualization management product suite.”

Scott Crenshaw, vice president, Platform Business Unit at Red Hat

Red Hat sees itself as an “agent of change” in the virtualization landscape and wants to deliver a cost effective “boxed” approach to virtualization and virtualization management. All of this is hinged on Red Hat’s new KVM-based approach – enabled through their acquisition of Qumranet in September 2008 – which delivers the virtualization and management layers to Red Hat’s Enterprise Linux and its kernel.

Along with Qumranet came Solid ICE and SPICE. Solid ICE is the VDI component running on KVM consisting of a virtual desktop server and controller front end. Solid ICE allows Red Hat to rapidly enter the VDI space without disrupting its Eco-System. Additionally, the SPICE protocol (Simple Protocol for Independent Computing Environments) enables an standardized connection protocol alternative to RDP with enhancements for the VDI user experience.

Red Hat’s SPICE claims to offer the following features in the enterprise:

  • Superior graphics performance (e.g. flash)
  • video quality (30+ frames per second)
  • bi-directional audio (for soft-phones/IP phones)
  • bi-directional video (for video telephony/ video conferencing)
  • No specialized hardware. Software only client that can be automatically installed via Active-X and a browser on the client machine

Red Hat’s virtualization strategy reveals more of it’s capabilities and depth in accompanying blogs and white papers. Adding to the vendor agnostic migration capabilities, Red Hat’s KVM is slated to support VM hosts to 96 cores and 1TB of memory with guests scaling to 16 vCPUs and 64GB of memory. Additional features include high availabitily, live migration, global system scheduler, global power saving (through migration and power down), memory page sharing, thin storage provisioning and SELinux security.

h1

Citrix Waving the White Flag? XenServer now free – as in ESXi…

February 23, 2009

According to a recent announcement from Citrix, XenServer (without advanced features) is now Free (as in April 2009). The question now? How does XenServer/Free match-up to ESXi/Free and what does it mean for the enterprise customer?

See the community announcement here… and the official press release here…

According to their approach – which reads more like ESXi plus motion – the “free” server still needs a significant investment in “management” products to be “enterprise worthy.” This still means an “enterprise-class” virtualization product WITH live motion technology can be had for the U-build price, but the revenue shifts from “product license” to “management and service license.” Who does that sound like? VMware (ESXi) and RedHat (CentOS).

Since Citrix will retain the intellectual property rights to its closed-source version of Xen, there is no reason to believe a huge number of open source offerings will immediately crop up. It is more likely this is the first salvo in an ever increasing spiral towards Microsoft’s acquisition of Citrix and wholesale incorporation of XenSource into its product line.

Still, the “free” tag line is compelling. Citrix is claiming that for “free” you will get from Citrix and XenSource what you would have to pay $5,000 in licensing to VMware. However, the free version of XenSource will NOT have HA, detailed monitoring or cluster management. You will need their $5,000 “Essentials” license for that…