As new vendors enter the x86 virtualization space, pioneer VMware, Inc. is moving on to the next frontier, cloud computing, said VMware President and Chief Executive Officer Diane Greene in her keynote address at the JP Morgan Technology Conference in Boston on May 21.

“The dream of cloud computing is fast becoming reality,” she said.

With cloud computing, workloads are assigned to connections, software and services, which are accessed over a network of servers and connections in various locations, collectively known as “the cloud.” Using a thin client or other access point, like an iPhone or laptop, users can access the cloud for resources on demand.

Greene told the event attendees that the evolution of virtualization begins with users deploying VMs for testing and development, then easing into server consolidations for production environments. The third phase is resource aggregation, with entire data centers being virtualized, followed by automation of all of those aggregated workloads. The final “liberation” phase is cloud computing, Greene said.

“We now have competition going after the first two phases of virtualization evolution with 1.0 products, but we are very much in the aggregate, automate and liberate phase,” Greene said.

Other vendors have their sights set on cloud computing as well. IBM Corp. and Google announced plans to promote cloud computing in October by investing over $20 million in the hardware, software and services at universities, and Reuters reported this week that Microsoft expects companies will abandon their own in-house computer systems and shift to cloud computing as a less expensive alternative.

While VMware moves towards cloud computing, the company is in the thick of the automation phase and has released a number of virtualization automation products recently, including VMware Site Recovery Manager for Disaster Recovery, VMware Stage Manager and VMware Lifecycle Manager for lifecycle management and VMware Lab Manager, as well as product and service bundles.

The company is also focusing on desktop virtualization with Virtual Desktop Infrastructure and has introduced services and products to move that inititive forward.

“Desktop virtualization does require a major change in the infrastructure, so it could be 2011 before we see desktop virtualization adoption in the millions. We do have hosted desktop virtualization customers with large deployments…but [adoption] will happen at a measured pace,” Greene said. “I do think someday everyone’s desktop will run in a virtual machine, whether it be on PCs or MACs, thin clients or phones. With the advantages from a security, manageability and flexibility standpoint, it will become mainstream.”

The cost of desktop virtualization is a barrier to adoption, but Greene said the price per user of desktop virtualization will come down steadily over the next few years. It is in the $800 per user range today, she said.

The decision whether to adopt virtualization often comes down to the corporate bottom line. CFOs want to know how long it will be before they see return on investment from virtualization, and there are many considerations in determining ROI.

Yesterday, I spoke with Stephen Fink, senior infrastructure architect for the global IT consultancy Avanade, about a comprehensive tool he created that takes just about every inch of data centers under consideration to determine what the ROI for virtualization will be.

Fink has 14 years of experience as a consultant and created the virtualization model for ROI as a tool for his own clients, but it made its way around the company and is now used as the way to determine ROI by Avande consultants, he said.

There are 125 inputs in the Microsoft Excel-based tool - such as power and cooling, cabling, network, CPU, servers, floor space, and staffing costs - and each helps determine the impact of implementing virtualization at a customer’s location, he said.

“There will never be a one-size-fits-all solution, and there has to be a business case for virtualization; I look at their environment from a high-level approach and asses the inventory. We look at their apps, their network, the annual power costs, licensing costs for software, etc., to see what they pay for their environment, and we can now give a really good idea of the ROI with Microsoft Hyper-V and VMware,” Fink said.

Avande, which is partially owned by Microsoft, has the benchmark information on Hyper-V from the most recent release candidates and uses that to determine Hyper-V ROI. Hyper-V is scheduled for release in August.

“We look at the net costs of the environment without virtualization versus what they would pay if they virtualized, with specific server types, running ESX or Hyper-V. We can tell you how many systems can be virtualized, and you can see the cost of your virtual servers, the cost per OS and the cost of your virtual hosts, to determine your annual cost reduction from virtualized guests,” Fink explained.

Fink said consultants like him are often used to determine whether virtualization is worth the initial acquisition and licensing costs, which depends on businesses’ expectations when it comes to ROI. “If a company already operates efficiently and has a portfolio of apps that make them a poor candidate for virtualization - like very high CPU and high memory consuming apps or data base severs, virtualization may not be the answer for them,” Fink said.

Avanade uses the tool as part of its consultancy, and it is only available through Avande consultants - which, of course, comes at a cost to businesses.

Other virtualization calculator tools are available for free, like the one from VMware, but these aren’t as precise as Fink’s tool from what I can tell.

There are also plenty of experts offering advice on determining virtualization ROI that won’t cost you anything.

According to IT security and virtualization technology analyst Alessandro Perilli , to calculate ROI, “you need to apply simple math to the costs your company could mitigate or eliminate by adopting virtualization.”

He reported that virtualization can reduce some of the following direct costs:

* Cost of space (leased or owned) for physical servers
* Energy to power physical servers
* Air conditioning to cool the server room
* Hardware cost of physical servers
* Hardware cost of networking devices (including expensive gears like switches and fibre channel host bus adapters)
* Software cost for operating system licenses
* Annual support contracts costs for purchased hardware and software
* Hardware parts for expected failures
* Downtime cost for expected hardware failures
* Service hours of maintenance cost for every physical server and networking device

Scott Feuless, a senior consultant with Compass, based in Texas, wrote about how to quantify virtualization ROI recently, and IT consultant John Hayes of Avnet Technology Solutions also had some advice on figuring out the cost of virtualization that could help make the case for virtualization.

As part of a business case to justify our server consolidation/virtualization project, I had to show the benefits of what the project would provide. Virtualization provides a lot of “soft” benefits like reduced administration, maintenance costs, head count, etc. but one of the “hard” benefits is from the reduced power and cooling costs. I put together a little spreadsheet of all my servers and the wattage of their power supplies to help calculate how much money we would save in that area. The end result was real numbers I could take to management to show them the ROI that virtualization provided.

In today’s world the cost of just about everything has been on the rise. Fuel costs in particular have a ripple effect on just about everything we buy which also affects computers. That’s why virtualization is a great way to offset those increased costs. Providing power and cooling to a data center can be a very big expense, virtualizing servers can dramatically reduce this cost. PlateSpin provides a nice power savings calculator on their website. If we plug in the following numbers:

• 200 physical servers
• average usage of 750 watts per server
• average processor utilization of 10% before virtualization
• target processor utilization of 60% after virtualization

The average power and cooling savings a year comes out to $219,000 with a consolidation ratio of 5:1 based on a cost per kilowatt hour of 10 cents. As the cost of power increases the savings become even greater, at 12 cents the cost savings become $262,800 per year and at 15 cents the cost savings become $328,500 per year.

Of course savings will vary based on a number of factors including how well utilized your physical servers are before virtualization, your consolidation ratio which can sometimes be as high as 15:1 and also your location. Different parts of the country average different costs per kilowatt hour, California and New York tend to be the highest at 12 - 15 cents per kilowatt hour where Idaho and Wyoming are the cheapest at about 5 cents per kilowatt hour. Power costs tend to rise a lot more then they go down so the argument for virtualization from a cost perspective becomes much easier when you factor in the potential savings.

Some power companies like PG&E even offer incentives and rebates for virtualizing your data center and reducing power consumption. A greener data center benefits everyone and besides reducing costs also helps the environment. Virtualization is one of the key technology’s to help make this possible.

Scott Adams isn’t the first to create a cartoon about virtualization (see VirtualMan helps IT pros explain virtualization’s benefits). Even so, his short comics that grace yesterday and today’s Dilbert.com homepage highlight a simple truth: for IT managers, getting the green light to virtualize is a lot easier if the higher ups have the idea first. Here’s a thought: If you want to virtualize, and your C-levels aren’t quite paying attention, maybe you should put a virtualization insert in one of his (or her) trade journals?

Yesterday’s Dilbert.com comic strip:

But, as today’s comic points out, even if your company approves a virtualization project, you still may not get to partake in the fun!

VirtualMan blog posts co-authored by Hannah Drake and Matt McDonough.

Trying to grasp the basics of server virtualization? Or, do you face the even more challenging task of explaining and/or pitching server virtualization projects to non-IT execs? Definitions from WhatIs.com or Wikipedia may help, or you could call in VirtualMan.

AccessFlow created an amusing and informative virtualization-based comic series to explain virtualization as a technology. In the first installment, superhero VirtualMan helps frustrated data center manager Ivy Green explain the complicated technology’s benefits to a resistant executive in layman’s terms, saving her from trying to fit yet another physical server into her data center.

Check out this week’s comic and learn how to defeat execs who harbor “a hardware-centric view of the world” with VirtualMan Powers Down.

VirtualMan is not only an amusing diversion that IT professionals will appreciate for its tongue-in-cheek look at the problems that are inherent in today’s data center, but it’s also a valuable educational tool for those that aren’t as familiar with virtualization as they would like. So whether you’re looking for a quick laugh at your desk during work or want to learn more about virtualization with cartoon art accompaniment, AccessFlow’s VirtualMan is definitely worth a peek. Stay tuned; we’ll review more episodes in the coming weeks.

At Gartner’s Data Center Summit 2007 in London yesterday, analysts said virtualization will be the most significant factor in adding agility to data centers through 2012.

I think we already figured that, since virtualization can significantly cut back the number of servers, space, power and cooling demands in data centers.

The takeaway from Gartners declaration: If you aren’t at least looking at virtualization for your data center, you are falling behind businesses that already are — and that isn’t a good place to be.

Gartner had some recommendations to organizations planning or implementing virtualization:

- When looking at IT projects, balance the virtualized and unvirtualized services. Also look at the investments and trade-offs;
- Reuse virtualized services across the portfolio. Every new project does not warrant a new virtualization technology or approach;
- Understand the impact of virtualization on the project’s life cycle. In particular, look for licensing, support and testing constraints;
- Focus not just on virtualization platforms, but also on the management tools and the impact on operations;
- Look for emerging standards for the management and virtualization space.

Return on Investment… the holy grail of IT.

Simply put, ROI is defined as the “ratio of money gained or lost on an investment relative to the amount of money invested”. One formula used to determine ROI is “net income plus interest divided by the book value of assets equals Return On Investment.“

In real terms, when you invest in a technology for your business, it’s about more than that. IT-related ROI often needs to provide cost savings, rather than generate revenue. In the case of virtualization for consolidation, this is often a simple calculation made difficult by many variables.

Variable 1) Power

This is a hot topic in the virtualization world, and has been ever since energy costs spiked and data center electric bills started going through the roof. Tracking the ROI of energy savings requires discipline, but in a large environment the numbers can be significant. It’s important to get a good baseline before implementing server consolidation via virtualization, which means getting the bills from the previous few years and calculating average monthly and yearly energy costs. Then, after the project is complete the process must be repeated and the results compared. Lastly, as the elapsed time periods pre- and post-project are matched up, the calculation must be re-run.

As an example, if you have an average cost of $50,000 per year for power over five years pre-consolidation, you need to calculate each year out and then each month, so that in the first month post-project you can compare that same month the year before, and then in six months the cost of the same six months the year before, etc. etc. This shows how fluid ROI can be over time, but how important it can be to be disciplined in tracking numbers like that to show success and failure rates over the long-haul, and not just the last quarter. Whether to include market fluctuations in power costs into your calculations or not is one I’ll leave to the reader. I personally don’t, because there’s one thing I can count on: Costs go up. If your bill is paid by the company, and includes other sources such as cube farms and the cafeteria, the calculations can still be made, but good luck removing the non-IT variables if needed (like say, the cafeteria closing for a month for renovations… that will cut power use dramatically).

Variable 2) Long-Term Staffing and Consulting

The hardest calculation of them all. How much did it cost for you to pay those consultants? How much time did your staff invest in the project, and how much is that time worth as an overall portion of their salary and benefits? Do you even calculate benefits as a factor in ROI? How much was spent on training and other job-related benefits during the time? Did a server fall on somebody’s foot and cause a Worker’s Compensation claim? How much time are staff members going to spend on administration? How does this impact other processes, and what’s the cost to them? The short answer is that you will spend more on virtualization experts, but less on hardware technicians, because there will be less hardware to break. This teeter-totter of staffing will carry over into several types of team - including networking, storage, etc. Tally the fully-burdened costs and compare them to pre- and post-project figures. Nobody likes to think about laying people off because they aren’t necessary anymore, but retasking is good for the soul, and often for the career of the retasked. That means you need to calculate the training costs outside of virtualization as well.

Variable 3) Infrastructure Hardware and Software

The easiest calculation of them them all. How much did it cost you to acquire all of your assets over how long a period of time? What is the average cost per year for an average growth rate? How much can you then expect to spend over an equivalent period of time in the future using that average, versus how much you project to spend using virtualization-based server consolidation. If you use chargebacks, what do you charge and how can that be reduced? If you reduce chargeback costs, should you be factoring in their lower costs to your ROI calculation on a seperate line item?

Variable 4) Services Reduction

That’s right - less services. Less management of services too. Backup and DR comes to mind as a prime service that can be reduced. A smart shop backs up as many virtual machines as they can using storage snapshots or virtual machine snapshots and then moves those snapshots to a remote location without the need for tape. That means no more tape pickups, which is a service reduction. Even for those shops who have systems where backups of the data in the guest machine still needs to be completed, there’s a serious reduction in services because there’s a huge reduction in tapes used and stored. There are also faster restore times. Take for example, if a file server falls over due to an OS corruption cause by a conflicting set patches - restore from the snapshot, and your in business. No call for tape, no waiting for delivery, and only minimal downtime. This is just one area where services are reduced, yet greater service is provided. Others include provisioning new servers, which in a large environment is time-consuming and costly. Replacing dozens of servers sitting cold in a DR facility with a few hefty virtualized systems can reduce physical storage costs just in terms of rack space and square footage. Needless to say, the calculations for this vary from shop to shop, and you will have to find your own service reduction ROI points. Some places to look:

• Reducing tapes
• Reducing tape  and DR facility storage fees
• Decreasing time and personnel costs to prepare new infrastructure
• Decreasing hardware support / warranty contracts

Variable 5) Service Increases

Availability comes to mind here - no more worrying about hardware failures requiring a huge restore window means a huge bump in availability numbers. In the case of DR, there’s most likley a pre-determined cost per picosecond of business downtime - that figure is just ripe for plucking into an ROI calculation (albeit on a seperate line), because with tools like VMware’s VMotion, HA, and DRS, the time-to-recover from failures is drastically reduced. This means that the company is losing less money due to an outage, and therefore each tracked outage can be tallied up and compated to the pre-virtualization outages, yielding a good source of ROI from loss-aversion.

That’s the positive part of ROI - remember that ROI comes with a built-in double-edged sword - some costs will go up. In the services arena, you will pay more for the increased networking required for good remote DR. In the training arena, you will pay more for virtualization training. In salaries, you will pay more for virtualization experts. The list goes on. The “trick” of ROI is in being complete - finding all of the increases and decreases in costs that virtualization brings. I’m willing to bet that any environment with more than ten servers will get positive ROI in less than a year. The long and short of doing an ROI analysis is this - it’s a long, involved process that won’t give real numbers worth a darn if you don’t take the time to analyze your entire business-technology environment for the correct numbers. Claiming a positive ROI by server consolidation alone is a great win, but not at the cost of missing other aspects of your business’ ROI. To sum up, look at the following for sources of ROI:

• Hardware Costs
• Software Costs
• Physical Storage Costs
• Downtime Costs (averaged w/ equal periods, pre-project)
• Consumables Costs (tapes)
• Chargeback Costs
• Salary and Benefits Costs
• Training Costs
• Consultant Costs
• Energy Costs

Put these into two main columns, what you spent on the project and in production post-project and what you saved from pre-project expeditures. Adjust for inflation and print.

Some time back, before I was invited on as a blogger for SSV, I was interviewed by the always-fun-to-work-with Adam Trujillo about Virtualization in the Data Center, and, like all good writers, Adam left the best question for last:

“What about hardware decisions — should data center managers be considering scale-up instead of scale-out?”

My response was:

“I personally prefer a scaled-up approach because there is a reduction in ongoing costs, such as power, space, cooling, and physical maintenance. Also, the complexity factor is reduced when there is less hardware to manage. An exception to that would be data centers without existing centralized storage — the initial acquisition becomes more expensive in scale-up operations if a SAN infrastructure is not already in place.”

I’m guilty of being one of those people that says “Durnit, why didn’t I say this or that?” or “Dangit, why didn’t I quantify that a little more?” even well after the fact, making me perhaps my own worst critic. In this case, I really felt I left some stuff unsaid. One item that irks me about that answer is that I should have made more mention of blades. I hate blades in their current incarnation. I think they’re the worst idea in IT - they’re hot, cramped, delicate, with slower components and limited expansion ports - if you name something about a blade, I can find a reason to hate it. That said, I shouldn’t have left them out of my line of thought - a good IT Manager needs to consider uncomfortable things, difficult things, even distasteful things, when looking at something impactful. Or so says the wisdom of Frank Hayes, to whose articles I often find myself nodding to the affirmative while reading. So, here goes.

Blades are hot - they have limited cooling options built-in. That’s often a “value-add” (choke) of specialized rack systems and chassis systems provided by third-party vendors. Here’s a few links to illustrate the point:

• Power and cooling woes undercut blade server benefits
• IBM feels the heat
• Heat relief for data centers using blades
• Concerns heat up over keeping blades cool

A rack of big-honkin’ boxes will make you feel toasty on the parts next to their fans. A rack of blades will cook you medium-well given enough time. To prevent the data equivalent of multiple mini-supernovas you need to install the correct cooling - the correct tonnage of AC, hot and cold rack aisles, proper ventilation, air temperature monitors, system heat monitors, etc. In many data centers, the cost of new construction (or re-construction) may very well exceed even long-term cost savings from server consolidation, and even if you can afford the construction and still come out with positive ROI, that cooling comes at a monthly utility cost - you must increase your power consumption to keep things cool.

That said, this is where virtualization has been proven out over the last decade as a way decrease the number of servers and offload them to blades. That may mean that you can remove enough servers to use your existing heat management systems in a more focussed way and not have to break the bank. Even if it’s a five-to-one ratio of servers removed to virtualization-equipped blades added, you’re coming out ahead. Add in centralized storage systems to connect to the blades and the scales may well tip back in favor of Mr. Heat Miser again, but probably not. Getting a ten-to-one ratio means blades are a winner. This is assuming a large server consolidation via virtualization project. If it’s not a big percentage of your boxes being affected, you’ll be back in the hot seat, quite literally.

Ever need five or more NICs for a virtualization host? I have. If I had blades, I’d be using three blades to get that done, assuming dual nics, and five or more on single-nic blades. That means more blades, more virtualization software licenses I don’t need, more hardware to fail, and more physical boxes when what I want to do is REDUCE the number of physical boxes. Right now server blades are still too young - many vendor’s products have all the components are included on the blade, and not modular enough. PC blade systems have it a little better - some limited peripheral connectivity at the user-site (see this link for one manufacturer’s solution), but still, it’s an entire box in a chassis with all the difficulties of expanding that micro-sized PCs and laptops have.

So, I think it’s safe to say that I still hate traditional blades. But I think they’ll be the saviour of the data center soon, and then I will love them. Why? Because here’s my ideal blade system: a truly modular system that will change everything about blades. The best part, it’s available now from several of the larger vendors. The changes are part of a new design “paradigm” (please note my bias against that word) - the end-result is a blade system where the blades can be NICs or other devices, as needed and plugged into the chassis, connected in either a physical layer with ye olde jumper or a software layer (in the chassis management software, perhaps). Lets say I get a blade and I need to put ESX on it, but I need six NICs because of guest system network i/o requirements… ok, I get another blade with a quad-NIC on it, plug it into the chassis, and configure it - voila, a single computer with five or six NICs in two blade slots, using one license. Or perhaps I need ten USB connectors for some virtualized CAD desktops, which require USB key fobs in order to use the CAD software - I plug in a server blade and a USB blade, configure it, and voila, one server, ten USB ports, one license. Expand that out far enough, and you can have whatever you need in terms of peripherals in a blade chassis. If you go to IBM’s website, you get a whole panopoly of choices - switchblades (that one always give me a chuckle) and NIC blades are readily available for expanding your blade chassis out to do more than just host some servers. HP upstages them a bit and has a great product out now that provides PCI-X and PCI-e ports. This is from their website:

“Provides PCI-X or PCI-e expansion slots for c-Class blade server in an adjacent enclosure bay.

• Each PCI Expansion Blade can hold one or two PCI-X cards( 3.3V or universal) ; or one or two PCI-e cards(x1, x4, or
• Installed PCI-X cards must use less than 25 watts per card. Installed PCIe cards must use less than 75 watts per PCIe slot, or a single PCIe card can use up to 150 watts, with a special power connector enabled on the PCI Expansion blade.
• Supports typical third-party (non-HP) PCI cards, such as SSL or XML accelerator cards, VOIP cards, special purpose telecommunications cards, and some graphic acceleration cards.”

This is interesting - a couple of PCI-e quad-NICs in one of an expansion unit and my NIC requirements are set. Or perhaps a couple of PCI-e USB add-in cards. Or a high-end PCI-X or PCI-e video card. Ok that gets troublesome when you need a lot of them - you can wind up with one blade and a chassis full of expansion slits containing video cards - the cost might not be worth it.

In any case, this dramatically changes my view on scaling up or out. Right now, I still stand for scaling up because blades don’t work in my enviornment - I have heat problems. I have space problems too, which blades could solve, but not with my heat problems. I prefer to buy larger-sized servers with lots of expandability (DL300 and 500 series, PowerEdge 2000 and 6000 series, etc.) and add in NICs as needed rather than buy blades or 1U boxes because I can do more with these larger-sized machines even though they take up more room. I fully expect that to change in the future - at some point I see myself stopping with the scaling up and starting with the scaling out - only I expect the “out” part of that will involve a lot less real estate and more options than currently available.

Burton Group analyst Chris Wolf shared some good advice about
consolidating servers with virtualization in our recent interview. Here are some quick tips gleaned from our conversation and some more-info links and questions for you about these topics.

Making a pitch

Make these key points when pitching server consolidation via virtualization to upper management:

• Virtualization is a means to running fewer physical servers and, thusly, consumer less power in the data center.
• With fewer physical servers, hardware maintenance and upkeep costs go down.
• Virtualization increases server availability via dynamic failover enacted at the virtual machine level. So, any application oncan support high availability, and that is a big difference with virtualization compared to traditional clustering solutions.

(Have you made this pitch? What did you say? What were the results? Let me know in the comments below or by writing to jstafford@techtarget.com.)

Converting multi-purpose servers to VMs

Watch out. This is tricky territory, says Wolf.

“When I have multi-purpose servers, I generally want to take each application or service on that server that I need and run it as its own VM instance. So, in those cases, you are better off manually reprovisioning those services as separate virtual machines again; because in a dynamic failover environment, the VM itself is the point of failover. So, if I have a multi-purpose server, if I am looking at failover, every application on that server is going to be off-line for the period of the failover. If I have a single application per virtual machine, if the VM fails over now, only a single application would be down.”

(Wolf talks more about this process in the interview. Has anyone out there tackled multi-purpose server-to-virtualization conversions? If so, please share your experiences with me at jstafford@techtarget.com.)

Physical-to-virtual (P2V) migration

There are several approaches, says Wolf. Some common practices that work in small environments — such as manually staging a VM and migrating the data and relying on a backup product to help with the migration — are not a good fit for larger data center environments. When migrating many servers, use a product designed for that job to do do a hot clone of a virtual machine.

“Not only does it let me move each VM in a live state, I can schedule when the VMs get converted so I can do a conversion during off-business hours.”

More P2V info can be found here:

SSV’s P2V news and expert advice;
Measuring the success of your server consolidation project.

Got other good P2V links or advice? Let me know: jstafford@techtarget.com.

A couple of weeks ago I spoke with Alex Barrett regarding what I though was a talk on the direction of the server virtualization landscape. Our conversation resulted in her article “Xen virtualization will catch up to VMware in 2008.” After reading the article, I was a little surprised at how some of my words were quoted out of context and wanted to offer my take on the virtualization market and its future direction.

VMware’s Role in Shaping the Future

Many of VMware’s competitors have based their product development road map on VMware’s VI 3 feature set. When I state that Xen platforms can catch-up to VMware’s VI3 features by mid 2008, I mean just that. By this time next year, several Xen vendors will offer mature dynamic failover (comparable to VMware HA) and live migration (comparable to Vmotion) solutions. In doing so, Xen platforms will offer the features that today’s enterprise environments are demanding. Virtual Iron has been very aggressive with their development roadmap and XenSource is working hard as well.

Still, in order to “catch up,” one would have to assume that VMware is sitting on their hands, which of course if far from the case. So will the Xen vendors be caught up to VMware next year? I don’t think so. Will they offer the features and maturity that allow them to be observed as an alternative in the enterprise? Yes.

However, looking into my crystal ball, I see the next generation VMware virtual infrastructure architecture as once again raising the bar. VMware’s ESX hypervisor will have a smaller footprint and improved security. Features that are important in the enterprise, including dynamic VM failover and backup will see significant improvements. You should also to see the complexity of storage integration reduced as well. Technologies such as N_Port ID Virtualization (NPIV) and the proliferation of iSCSI will significantly ease VM storage integration and failover.

I also expect to see more leadership from VMware in the following areas:

• Virtual network security, including monitoring and isolation
• Storage virtualization - development of consistent standards and best practices for integration between server and storage virtualization platforms
• Centralized account management and directory service integration (this is one of my VCB pet peeves)
• Virtual desktop management

Keep in mind that oftentimes many VMware Workstation features find their way into ESX as well. So you should expect some of the new Workstation 6 features to play a part in the next ESX Server product release.Record/replay, is one of my favorite new features, and has numerous uses for testing, troubleshooting, and security auditing.

As the market leader, we should all expect VMware to continue to provide leadership in virtualization innovation, and I don’t expect that to subside.

Virtualization and Security

Security has been getting much more attention lately and will continue to do so in coming years. My recent article “Virtual Switch Security” outlined some of the current weaknesses regarding Layer 2 traffic isolation in some virtual switches. Virtual switches need to improve their default isolation as well as manageability. Port mirroring is an important feature in virtual switches and will be needed for integration with intrusion detection and prevention systems. However, administrators need to be able to control port mirroring within a virtual switch and in turn enable or disable port mirroring on specific ports as needed. VLAN integration is and will remain a concern for virtual switches and vendors that do not offer 802.1Q VLAN support will remain at a disadvantage.

Intrusion detection is becoming more of a concern for numerous organizations, and the uptake of virtualization support by many security ISVs is evidence of that. For example, Catbird’s V-Agent can be used to quickly add an IDS to existing virtual networks.

Hypervisor security is naturally important as well. If you would like to see some of the issues out there today, take a look at Harley Stagner’s excellent article on preventing and detecting rogue VMs. The blue pill attack has also received considerable interest. For more information on blue pill, take a look at Joanna Rutkowska’s presentation “Virtualization - the other side of the coin.”

The security concerns relating to virtualization are no more scary than what we already see with existing operating systems and applications. While security concerns should not prevent you from implementing virtualization, you cannot ignore security either. Hypervisors and management consoles (such as the ESX console which uses a Red Hat-based kernel) still must be managed and updated like all other server operating systems.

To validate the security of their architectures, you should expect virtualization vendors to obtain EAL certification for their respective platforms.

Standards

At the moment, standards are more on my wish list than an actual prediction. I’m hopeful that we will see a common virtual hard disk format within the next 2-5 years. Doing so could provide virtual machine portability amongst all server virtualization platforms and make it considerably easier for ISVs to package and deploy virtual appliances. Administrators would be free to choose their preferred virtualization platform and run virtualization systems on that platform regardless of the virtualization engine that may have packaged a particular VM.

Management standards would also go far in easing virtualization deployments and management. Common APIs for management and backup would allow any third party management or backup tool vendor to support all major virtualization platforms. With industry support of the DMTF System Virtualization, Partitioning, and Clustering (SVPC) Working Group, realization of standardized virtualization management can become a reality.

Emerging Architectures

Application and OS virtualization, fueled by vendors such as SWsoft, Sun, DataSynapse, and Trigence, will continue to add to the virtualization mix in the enterprise. Down the road, application virtualization can significantly ease application deployment by allowing ISVs to package their applications in virtualized containers, thus far reducing application deployment complexity. These technologies run alongside server virtualization deployments today, and it’s very likely that they may be deployed within server virtualization frameworks down the road.

Much work still remains in aligning the non-virtualized industry with the virtualized world. Both application and OS vendors need to be clear on their virtualization licensing terms, with licensing models that support virtualization that are either based on physical or virtual resources. Hybrid licensing that includes terms for virtualization and restrictions on relocation of VMs to other physical resources impedes virtualization adoptions and adds unnecessary confusion. In 2005 Microsoft added a needed jolt to virtualization by being the first vendor to define product licensing in support of server virtualization. Today they need to go further and set the gold standard for licensing of operating systems and applications inside virtual environments. That model should be clear and concise, with simple terms for virtual machines and without limits on portability. “Buffet” style licensing that provides for unlimited VMs on a physical host is ideal as well. Choices and rules are good, but let’s not get carried away. In terms of licensing, less is more. If Microsoft gives us a simple licensing model, many other industry vendors will follow.

Virtualization’s future holds plenty of promise, and we’ll all be the beneficiaries of that promise.