The VMworld Europe day one keynote featured VMware CEO Paul Maritz outlining VMware’s future vision, with particular attention paid to the cloud. Maritz’s session is already available online, so I’m not going to write a point-by-point summary of his keynote. Instead, I’ll focus on a few key thought-provoking topics:
- Standards-based vs. proprietary cloud architectures
- Security and compliance in the cloud
- VMware/Intel client hypervisor announcement
- Mega merger in the works?
Standards-based vs. Proprietary Cloud Architectures
Maritz spent time on the need for public and private cloud standards that promote application migration between different cloud platforms or service providers. By migration, I’m not referring to any type of live migration. Instead, interoperability should remove lock-in to a particular cloud provider and provide enterprises with greater negotiating leverage when evaluating service providers or renewing existing contracts. VMware is painting a very nice vision here.
Security and Compliance in the Cloud
A number of cloud providers (terremark, IT Structures, EngineYard, and Logica) took the stage to describe their technology, which is built on VMware infrastructure. In each case, the service provider described an easy-to-use management model, but not one provider talked about the issue of regulatory and security compliance. Our clients have continued to indicate the compliance remains the primary barrier for enterprise cloud adoption, so I was surprised that none of the providers addressed this concern. If providers want enterprises to seriously consider their platforms, then they will have to do a better job articulating a solution to the existing compliance and security concerns around public shared infrastructure. Reading between the lines, I think it’s implied that cloud service providers currently do not have a working solution for compliance validation on shared infrastructure. If a provider does have such a solution, I would like to hear it.
Ideally, I would like to see a DoD-like standard security model for cloud service providers. For example, assume that the following options were available:
- Level A: Dedicated physical and virtual infrastructure, including dedicated server and networked storage assets.
- Level B: Dedicated virtual and physical server infrastructure, shared/logically zoned storage infrastructure (clients receive dedicated LUNs, but data traverses a shared physical SAN).
- Level C: Shared virtual and physical infrastructure, isolation provided by dedicated virtual security appliances (e.g., VM firewalls, IDS, IPS).
- Level D: Shared virtual and physical infrastructure, no appliance-based segmentation and isolation (isolation provided via VLANs).
I like the tiered model because it can be easily consumed by an enterprise’s security auditors. Am I being overly simplistic here? Sure. But we need something. And the time to start defining a cloud security model is now. Until that happens, I expect our enterprise clients to continue rolling their eyes each time public cloud infrastructure is mentioned in a vendor keynote. My sample model is meant to be just a starting point for discussion. We need something, and a tiered model would work.
VMware/Intel Client Hypervisor Announcement
VMware announced collaboration with Intel on a client hypervisor. This announcement was almost identical to a similar announcement from Citrix and Intel last month. To be honest, I was hoping to hear from VMware that they would be doing a little more than Citrix – i.e. – upping the virtual ante. Instead, my impression that was Intel is treating VMware and Citrix as equal citizens. Nothing in the VMware-Intel announcement shows any more innovation by VMware over Citrix. Still we’re far too early down the client hypervisor road to declare a leader, since neither Citrix nor VMware is shipping a product. In fact, the only vendor shipping a client hypervisor today is Neocleus.
Mega Merger in the Works?
As time continues to pass and VMware looks at its hole in the enterprise management space, I see the question of a merger with a major enterprise management vendor as now being about when and not if. Here’s what I’m thinking – a BMC merger or acquisition with either VMware or one of its major partners (i.e. Cisco) makes sense on a number of levels. VMware needs a management and orchestration stack that addresses the physical infrastructure (and so does Cisco for that matter). If VMware wants to be a major player (and not a role player) in the future data center, it will need an enterprise management solution. If we take this one step further, what would the impact of a VMware-BMC-Cisco-EMC merger be? Alessandro Perilli has done a nice job covering Cisco acquisition rumors on virtualization.info (see here and here). Personally, I don’t see the public mutual respect between VMware, BMC, and Cisco as nothing more than a needed group hug. Is the fact that Bob Beauchamp (BMC CEO) has been predominantly quoted in the recent NY times article on Cisco’s data center plans a coincidence? I doubt it. In fact, I can see a Cisco acquisition of BMC as a real possibility. Stay tuned. The drama that is good enough for a virtualization reality show is only going to intensify in coming months.
Posted by: Chris Wolf