The advantages of virtualization are becoming very widely understood. The first is obviously the efficiency gain from doing a conversion of a physical environment to a virtual environment. Those gains are well documented across a very large universe of those types of projects. You consistently see 60% capital expenditure reductions, 30% operating expense reductions, and even up to 80% energy utilization reductions.
Reducing costs and improving efficiencies are obviously major goals of government right now, and that’s a big reason why virtualization is playing such a significant role in current initiatives. You also often see service level enhancements and improvements in application performance.
The potential difficulties, I think, are also becoming widely known. They’re associated with the challenges of the continued evolution of technology in an organization and the skill sets that requires, what changes that makes in people’s roles and so on. Those sorts of things are always going to be somewhat challenging for an organization. But it’s a familiar part of the overall technology evolution cycle that IT organizations have been going through for the past 30 years.
They’re definitely different, but there’s also a lot of similarities. Ultimately we’re talking about virtualization at different layers in the stack. They’re all taking advantage of the same characteristics, but at different rates because of the nature of the technologies involved. The important thing is to integrate all of those layers of virtualization with the management layer. It’s really important to have that in order to handle the technology characteristics that are most appropriate for virtualization of each of those layers in the stack.
Once you virtualize any particular technology it creates certain characteristics. It makes that technology more mobile, for example, and if you take advantage of additional management capabilities like policy driven frameworks for establishing and delivering on service level capabilities, you’ll want to do that at a level of abstraction that combines all these things. The management layer gives you the ability to manage that environment, and creates a more automated and efficient way of doing what IT struggles to do today, which is deliver on service level capabilities.
Those efficiency gains and reduced costs are absolutely true. As well as capital, operating expenses and energy cost reductions the physical to virtual consolidation ratios now are easily on average 10:1, sometimes up to 20:1 and I’ve heard of cases even higher. That’s significant, and of course it’s also going to produce cost reductions. There’s just no way around that.
What else is needed for organizations to benefit? Physical to virtual consolidation has been going on for a decade or more in industry, and the process has become a science. The capabilities of the management layer and management environment to support virtualization have grown substantially over the last several years, now to the point of abstraction. And bringing in the cloud layer in the management stack is another capability that’s been added in the last year or two.
It becomes a little more challenging with stitching it all together, in terms of how do you bring in the federated access control mechanisms for IT to be able to provide end users with multiple application access through multiple devices. This is the part where things are still evolving. But it won’t be long before this capability becomes mainstream as well.
From a security architecture perspective, I don’t think there’s that much different. It’s about a very holistic approach to a defense-in-depth architecture and overall framework. As to advantages, I think many people would argue that virtualization has inherent advantages compared to a physical environment. Because the virtualized environment is so dynamic it makes it a lot harder to target certain components, compared to the more static physical.
What do organizations need to be aware of? That virtual infrastructure has become more mature and robust to the point where, in VMware’s case, our core virtual product and virtual management product both have gone through the Common Criteria security certificate process. That’s a good indicator of the security built into the product set.
In addition to that, there’s a new set of virtualization security technologies which you can think of it as virtual defense in depth security. We call it vShield, where there is the virtual equivalent of old school physical inline security devices like edge firewalls, for example, built into the virtualization technologies so that the profiles associated with the firewall can be established once and reused many times.
I’m sure there are, but at this point it seems to be more the case that conventional wisdom would have said you shouldn’t be virtualizing things such as databases, Tier 1 apps & desktops, and all that’s happening now. So, even if there’s something not quite ready to be virtualized, give it another year or two.
There’s many, but it comes down to virtualization as the underlying enabling foundation technology for cloud computing. VMware created the virtualization market in the X86 environment, which is dominating in terms of server virtualization today. And then we uniquely address all three layers of the cloud stack that sits on top of this underlying foundation. From there, adding virtual desktops and then expanding outwards to provide multiple device and application access with integrated security, so organizations can create a mobile work environment for end users.
VMware has advanced technology in the market now in each of these layers of the cloud stack to enable all three layers to exist and have virtualization and management built into each of the layers, but also then using policies and a policy-driven framework to communicate between the layers.
There’s a couple of things that are quite evident if you look at the general cost structure of this kind of initiative and where the return on investment comes from. There’s no question the ROI in a virtualization project is very high with physical consolidation ratios between 10:1 and 20:1. However, what you see is that, though there’s a significant ROI, there’s a change in the cost structure of the organization away from server resources, say, and towards more storage resources. But that doesn’t mean there’s an increase in overall costs it’s just that, element by element, there might be a change in the cost profile. But there’s still a very high overall ROI associated with that virtualization.
That’s a good question, and it’s one that’s come up numerous times in organizations. Ultimately, the best way to solve the problem is really dependent on the characteristics of the culture of the organization, but there are multiple options to deal with this particular challenge. It generally will evolve over time to where the traditional roles of the network or IT administrator are collapsed into the virtual administrator role. That could be a tough thing for people to go through, but it’s part of the evolution of the skill sets of the IT staff.
So I definitely see virtualization as part of the overall IT skill set. There are cases where that might not be the case. Some programs in the government are very heavily software development oriented, for example, and those projects tend to be funded outside the IT organization. In those particular cases there would be a need for specific virtualization expertise to be associated with those programs. Generally speaking, however, virtualization would be included as part of the IT skill set.
As long as you have the ability to go out and create a virtual machine the person authorized to do that can potentially create more than is needed, but there are places where this can be prevented.
At the governance layer, for example, which deals with management processes and authorizations around who can create virtual machines and how many they can create and where the funding comes from and where the control points are on on that. Another is control layer, where authorizations and policies are established in terms of who has authorization to do what, and what level of authority you want to give them. There you can decide what degree of control you want to give people to go out and create virtual machines.
And then there’s the optimization layer. In theory, if you’ve got VM sprawl, you’ve got a lot of virtual machines that are underutilized or are idle. VMware certainly has the software that will go and evaluate your environment virtual machine by virtual machine, and will recognize where VMs are not taking advantage of the resources that are available to them. Then you can go optimize the virtual machines, shut those that are idle and so on. Kind of re-optimize the environment.
Virtualization is the foundational element of different end points that government agencies are interested in and need to utilize. Cloud computing is an obvious one, and virtualization is a key enabler, if not the key enabler, of cloud computing. It’s also the key to virtual desktop environments, and of data center consolidation strategies. The important thing to recognize is that, regardless of what the major initiative government is trying to pursue, virtualization is going to have a significant enabling role in making that happen.
The preservation of legacy investments is one of the aims of virtualization and cloud computing. When you look at the desktop for example, even down to the specific end point, when you virtualize your desktops you don’t necessarily throw out your existing PCs or laptops. They can be repurposed.
I’m not sure what the distinction is between cyber security and cyber warfare, but security concerns come up all the time. There’s no question there’s tradeoffs in the security architecture taking full advantage of a virtualized environment. I regularly see architectural tradeoffs that are made in order to meet certain higher level security requirements about air gapping between certain networks and things like that. I think that, for a time, this will be a maturity question of the underlying technology. Over time, the comfort level will continue to grow to the point where the verifications and certifications in the abstraction layer, in this case, will be sufficient to prohibit any traffic or any hopping between the different security levels.
The thing that is really interesting is we don’t yet know the impact that mobile computing and mobile technology is going to have on the workforce, in particular the government workforce. The concept of group sourcing, for example. You now have things like distributed software development expertise using cloud-like environments, to come up with smaller and smaller application mashups and do so in a way that is still controlled, but so much more efficient than the way it is done today. This is something that could completely transform the software develoment industry in general. And that’s going to enable the kind of technology that VMware is bringing to the table today. Who knows how that’s going to change things.
And then there’s the whole idea of social media and social technology and how that’s going to be brought into the equation. Is it going to change virtualization? No, but it’s going to be another capability that’s will disrupt the way technology is utilized, and organizations are going to need to take advantage of how that evolves to continue to be successful going forward.
This is an interesting one to me, because I have seen the government trying to transition from a slow adoption model of advanced technologies, to one where they are jumping more in the drivers seat, particularly around the utilization of cloud capabilities.
I think the government can learn from the private sector in the risk-based models they use. The one they use now is not necessarily slowing progress in terms of taking advantage of the virtualized environment and building cloud on top, but it’s building in a phased risk based approach for execution. It could learn some creative ways of handling the shifts in capital expenditures, say, to the operating expense side of the budget and how to manage the cost structures more efficiently. I think these are the areas where the government is moving slower than it needs to, in order to enable the full capabilities of virtualization to be realized. Not so much on the technology side.
Also, there are efforts afoot to modernize the government’s security framework. I think it’s heading in the right direction, but government is a very big ship and it takes a lot of effort to turn it. So it’s taking some time in order for government to fully utilize and take advantage of the benefits of virtualization and the things it enables, such as cloud computing.
I think there are plenty of applications, software and infrastructure that will continue to be virtualized in federal government. I think we’re going to see a real proliferation of the virtual desktop. We’re just on the cusp of that now, but over the next five years we’ll see a significant increase in the utilization of the virtual desktop. And then there’s just expansion of the cloud layer in general, and the automation and service level enhancements that will bring. VMWare’s presence will grow substantially over the next five years because of this.
8609 Westwood Center Drive, Suite 500, Vienna, VA 22182-2215 703-876-5100 © 1996-2012 1105 Media, Inc. All Rights Reserved.
© 1996-2017 1105 Media, Inc. All Rights Reserved.