Problem to Solve: What can we do to protect our Virtualized Server Infrastructure and Application Services against Hacktivism?
So the good news is that your company has decided to implement a Virtualized Server Infrastructure. This is an excellent way to decrease data center footprint, decrease power consumption, and increase efficiency of the total compute environment. WOOHOO!!
And now the bad news if you have concerns like most organizations. Now that you have virtualized the servers, you cannot really ‘see’ when you have application performance issues. And you have also created a blind spot and nearly invisible environment (other than SYSLOG info) for the Cyber Security team to defend. DOH!!
Virtualized Servers… WOOHOO!!
Unless you just transferred from another “IT planet”, you probably are very aware of the different virtualization platforms. VMware, Hyper V, Citrix, Oracle, Red Hat etc. all offer virtualization platforms that organizations have invested and deployed. There are many benefits of this technology, including extreme flexibility (virtualized OS and software packages), ease of deployment (provisioning time), and redundancy (vMotion). I’m not writing this blog to debate the technology benefits or vendors, but to point out the new APM NPM & Cyber challenges of this deployment model.
Virtualized Servers… DOH!!
The challenge really begins with the term “virtualization”. While “virtualization” is certainly not a new concept in computing, today’s new server deployment models have added a nuance when it comes to triage and troubleshooting applications. If you think of a multi-tier application (i.e. web, application, and DB server) from 10 years ago, it usually consisted of (3+) physical servers to run the application. A client would access the web server, who then made a call to the application server, who then made a call to the database server. All of that communication was transmitted over the network, and the traffic was easily accessible to network tools for troubleshooting. Now in today’s virtualized server environment, the web, application, and database can all reside as “virtual servers” all inside one physical host. From a traffic perspective, this server to server interaction occurs virtually inside of the virtual server. In many cases, this communication DOES NOT travel over the physical network, so traditional network tools have no point to see and analyze the traffic necessary to triage or troubleshoot. (Please see this previous article for details Don’t let a Multi-Tier Application Make You Multi Tear Up). Another challenge that this deployment model presents is for Cyber Security teams. The same traffic that is “not accessible” to your network troubleshooting tools, is also “not accessible” to most network based cyber security tools. DOH!!
Blade Chassis…. Double DOH!!
Many large organizations are deploying blade chassis to house their virtualized server environments. This effectively creates another layer of complexity when it comes to visibility of server communications. For example, you now could be faced with having 10+ virtualized servers running on a particular host, that is now sharing the same blade resource, (say 24 hosts on a blade). Oh and by the way, there may be 10 blades in an actual chassis. So, what do you get at the end of this equation? 10 servers X 24 hosts X 10 blades for a grand total of 2,400 servers that you basically cannot “see” from a traffic perspective. Do you think that the bad guys are aware of your virtualized environment, and the lack of security tool visibility that you may be facing? DOH!!
VoIP Deployments…. Triple DOH!!
Not only are customers deploying traditional applications on virtualized servers, but also their unified communication environment as well. So this blind spot in visibility for network and application performance, now extends into your UC environment and call center environments. Wait a second, aren’t most call centers critical to generating company revenue and addressing customer requests? (Please see this previous article for details Bad Guys Playing Whack-A-Mole with your UC Services??) Throw in a wrinkle regarding QoS into this complicated mix, and you have a proverbial party on your hands. DOH!!
What Can You Do??
I will admit that I “may not” have lifted everyone’s spirit by calling out this topic. The good news is that you do have options to address these challenges. WOOHOO!!
WOOHOO!! …. I think Homer might like this approach …
Points to Ponder
- Have you ever had to address an application performance challenge inside a virtualized environment?
- Have you ever had your company be attacked from inside of your own virtualized environment?
- Do you have an interesting war story to share on the topic of virtualization?
Continue on to the next article in the series, Remote Remote .. It’s Work From Home We Go