Users need to warily embrace virtualization was the message put forth by speakers at Interop New York, where attendees tried to sort out how to proceed with technology investments in the face of possible IT budget cuts prompted by the Wall St. financial crisis unfolding just blocks away.
Interop shared space with Mobile Business Expo in an effort to bolster both events in an economy where trade show attendance is flagging, and together they hoped to draw a total of 13,000 people over the course of the four-day event, show officials said.
Those who attended Interop heard that cloud computing will help companies accomplish more, but new security threats must be overcome in order to fully benefit from this new technology, speakers said.
Virtualization is a "chameleon concept" with one common denominator: breaking the bond with physical reality "so you can do more," Marie Hattar, vice president of network systems and security solutions atCisco, said during her keynote address. "It's one asset to many, or many assets to one," she said.
But perhaps the most critical issue is the new and numerous security holes opened up by virtualization and cloud computing. "A hypervisor needs hypersecurity," Hattar said, as Cisco found out when it virtualized its own servers. "We have to rethink our security approach because when we virtualized, it increased complexity. In cyberspace, there are a lot more points of entry."
She stressed that companies embarking on virtualization and cloud computing need to plan copiously for operations, management, control and security of the new infrastructure.
Her points were echoed by Novell President and CEO Ron Hovsepian, who said companies need to overcome challenges such as reduced spending, complex management and risk mitigation in order to have their heterogeneous IT assets work as a unified system.
Key to bringing IT assets together are injecting agility into the data center through virtualization; enhancing end-user productivity through collaboration and pinpoint management of enterprise desktops; and then implementing and enforcing companywide IT identity and security policies and procedures through access and compliance management strategies.
While Hovsepian touted the benefits virtualization and cloud computing can bring - improving use of storage arrays, reducing power consumption, streamlining server architecture - another speaker focused on the litany of new risks virtualization comes with.
At least for now, virtual servers, the hypervisors that oversee them, the management platforms that govern them and the IT staff that sets them up and runs them day to day are all potential attack vectors, says Joshua Corman, principal security analyst for IBM/ISS. "Virtualization is a game changer for good and for bad," he says.
IT staffs under financial pressure to implement virtual servers may be overworked and lose the diligence to properly plan secure deployments, Corman says. "Virtualization requires more discipline and enforcement of policies than before," he says.