Skip to main content

Embotics VP interviewed; VM Life Cycle Management discussed


Had a really good talk with David Lynch, VP Embotics. We shared some similar visions about the data center. Funny when I checked David's resume, he's too been a sailor or has had something to do with the maritime industry. (Check out the executive board).

My impressions of the telephonic conversation:

Embotics is a solid, well funded private company. These guys seem to know pretty well what they are coming out with. They are still doing a private beta with select customers and are gaining tremendous insights (Geez, I can imagine!) on its role within an organizations.

What I liked about David was that he engaged me in a conversationalist style, we are all stuck in this hyped-up hypervisor age. Microsoft and all other guys are jumping in with their products, but we need to address serious issues around the virtualized data center (partial or full).

I am very curious to check out the embotics product, when it hits the market, for now, check out the interview:

Me: Please tell us about V-Commander?

David: V-Commander is a policy driven management and control system for virtual machines.

It is a purpose built solution that lets organizations implement policy driven controls into their virtual environments and ensure that they never get into a virtual sprawl condition.

As you know, the virtual world is very different from the physical. Traditional systems of control and management that were more than adequate for provisioning physical servers come up short when it comes to controlling virtual ones. In fact, one of our customers told us that server virtualization is having the same effect on their data center as wireless networking had on the perimeter.

This, I think is a very valid analogy. In the same way that wireless networks ignored the traditional (and in many ways physical), boundary controls imposed by the perimeter firewalls and other defenses, virtualization has the potential to ignore the traditional systems and controls put in place to control the server environment.

V-Commander puts that control back in place.

Built specifically for the challenges created by virtualization, V-Commander ensures that only authorized virtual machines (VMs) can be deployed and that only authorized individuals can deploy them.

Incorporating a Virtual Machine Identity Management (VIM) system, V-Commander interrogates every VM that comes up in the environment, and automatically implements customer selected policies to react to them. Unauthorized (or unknown) VMs are readily identified and administrators alerted, and/or the VMs themselves shut down.

V-Commander also controls where individual VMs are allowed to run. For example, it is relatively easy to ensure that VMs that need high-availability machines are installed on HA hardware. However VMs do not necessarily stay put, and over time can be moved. (either through the use of load balancing software, or simply administrators doing maintenance). Embotics not only ensures that the VM matches the specific grouping it is initially installed on (i.e. high availability, data confidentially groupings, production vs. development, etc.), but it ensures also that these policies are enforced after the initial installation.

If, for example, a development VM is inadvertently moved to a production ESX, V-Commander will spot the mismatch automatically and react by implementing the specific policy set by the organization.

Finally, we allow administrators to set expiry dates on individual VMs and implement a series of policy steps based on this date. For instance, we can alert an administrator ahead of time that a specific VM is due to expire, and then on the expiry date (if the administrator has not intervened), we can stop the VM. Some time later (depending on the interval set), we can remove the VM from inventory and /or remove it from the host server; depending on the specific policy set.

By controlling what VMs go into an environment, then constantly monitoring the environment for “out of process” VMs and taking action when this does occur, and retiring VMs that have hit their expiry date, V-Commander lets data center managers maintain complete control of their virtual environments and avoid a virtual sprawl condition.


Me: What insights are you gaining from your closed beta?

David: The beta program has been very useful to us. The reception has been very good, and in addition to the normal feedback on installation process, GUI’s, and integration into existing datacenter architecture, we are also getting a lot of response on policy management – Specifically a number of excellent suggestions concerning additional policies to incorporate into V-Commander.

Our strategy has always been to allow the market to drive the policy requirements, and the acceptance of the initial set, as well as the ideas that are coming in, is very gratifying.

Me: When do you plan to release the product?

David: We are still on track for the end of the year. I don’t think it will slip, unless we decide to implement some of the policy additions right away.

Me : How do you plan to price your product?

David: The pricing is under review at the moment, so it may change, but the current pricing model has an entry price of under USD $25,000.

Me: Are your customers benefiting from it? Will they be deploying V-Commander in production after the beta?

David: We deliberately went after a wide range of customer types in our beta program, including financial, hosting providers and enterprise customers. We were looking for validation across multiple types of data center in a variety of different control models.

A large percentage of the beta customers will be deploying V-Commander after the beta, and most of the others are still working with us as we develop and implement specific controls based on their environment requirements.

Me: Do you have an open source strategy?

David: We believed from the start that heterogeneity would become the norm within the data center, and the recent announcements from Oracle and Sun seem to support this belief. We are a RedHat and Citrix partner, and we are already working on incorporating support for these open source platforms into our product roadmap.

Me: What about partnerships with market leaders? How do you think Microsoft's Hyper-V and SCVMM will affect the VMware's monopoly in the Server virtualization market and how are you positioning your product among these vendors?

David: Despite its impressive growth, virtualization is still an immature marketplace – as you can see from the number of new entrants we are experiencing.

As the market matures, we believe organizations will select different virtualization technology for different needs and applications, and that heterogeneity will become the norm. V-Commander currently supports VMware, and we are partnering and building strong relationships with all the key virtualization vendors like VMware, Citrix, Virtual Iron and Microsoft; to complement what they do and offer additional value to our customers. And we will of course be looking at new entrants such as Sun, Oracle and Parallels as they emerge and grow.

There is no doubt that Microsoft will be a significant player in this space. They are late out of the gate, but given the state of the market and their huge installed base this is not much of a barrier for them. Organizations like Microsoft cannot help but disrupt any market it chooses to enter, and the server virtualization market is no exception.

We have talked to a fair number of customers (especially those with enterprise licenses from Microsoft), who are willing to wait for the Hyper-V product before committing to virtualization as a strategy. Do not get me wrong, they are still using VMware (and others), to obtain the immediate benefits of server consolidation, but they are willing to wait for Hyper-V before establishing server virtualization as a corporate architecture and they scale their deployments.


PS: David, does make an interesting point here. We are experiencing a typical "state-of-flux" in Europe as a whole (UK not included), and a lot of organizations are using VMware. But you'd be surprised that they are still not deploying it in their production, they have setup robust test, development and even staging in many cases, but production is too holy to get on with anyone. Some have specifically stated that they will wait for Microsoft's Hyper-V, also since many have Citrix solutions and are not sure if they'd like to go "all the way" with VMware.

Me: What makes V-Commander VMLM solution different from your competitors?

David: Unlike a lot of our competitors who focus on specific operational points within the VM lifecycle model; provisioning, backup, optimization etc., we are focused on allowing organizations to control all VMs in their environment, repair the “damage” that these ethereal machines do to physical control and monitoring systems, and automate policy enforcement to ensure that our customers never experience virtual sprawl.

The key word here is enforcement. For example; VMware’s Virtual Center (VC), is a very good deployment and management tool for VMs, but it is more about making it as simple as possible to create and deploy VMs, than policy enforcement.

We are tightly linked to VMware’s VC and complement its functionality very well; overlaying policy enforcement, and allowing data center managers and administrators to get a federated view of their environment across all VCs.

In addition to automating policy enforcement, we provide critical insight into the entire environment - across multiple VCs without having to jump from one console to another and manually track things.

Another example is Dunes, recently acquired by VMware, who provide run book automation. They allow organizations to automate workflow around provisioning, configuration management, etc. In doing so they enforce adherence to policy through constancy - ensuring that the same process is used each and every time a specific task needs to be performed.

But they cannot monitor the environment, automatically identify out of process VMs, and react to them as they appear. They cannot mitigate against the impact of the mobility of VMs –this is where we add value.

V-Commander is simple to set-up and operate and is designed to complement the component parts of the lifecycle of a VM. Our customers have told us that they want to use best-in-class tools to handle all the individual steps associated with VMLM, but that they also need the security, auditability and control that comes with the combination of VM Identity Management (the ability to recognize a VM as it appears), and Policy Enforcement.

Question: What role can V-Commander play within an existing semi-Virtual semi Physical Infrastructure? Can it also be taken right away with a new Virtualization project? For instance, I interviewed Intel's team a few days back and they are going a big way in consolidating some 130 data centers to 8 hubs, how does a party benefit directly from V-commander?

Answer: I think all data centers today are to some degree a combination of physical and virtual infrastructure. Virtualization brings a combination of unprecedented flexibility and agility to not only the operations of a data center but also its architecture and structure.

The intrinsic value of virtualization can be seen in the way it has been adopted in most data centers. Most new technologies enter the data center in a very proscribed path: they goes through rigorous testing and planning cycles that look at its impact on all elements; networking, storage, architecture, applications compliance, security and operations.

Only then is it deployed.

Server virtualization on the other hand, came in through the “back door”.

In most organizations it was initially deployed as an operations tool… a very valuable operations tool, but an operations tool nevertheless. It is only now starting to go through the architecture and integration planning that modern data centers need.

One thing is clear; virtualization breaks a number of control processes and systems. It does not play well with traditional monitoring and reporting tools or with security systems and architectures. This is something that will need to be addressed quickly.

Ultimately, traditional management tools will morph to incorporate the virtual environments – or perhaps it will happen the other way round. Either way, as with wireless networking, the control systems will extend to cover the new reality that virtualization represents. But that day is still a long way off.

Until we get there, organizations will need to push the traditional management and control vendors to get serious about supporting the virtual world, and in the meantime utilize products like V-Commander to ensure they maintain their security and control, while enabling them to take full advantage of the unique value of virtualization.

Because if they don’t, their competition will….

In your question, you ask if V-Commander can be used (and add value), right away with a new virtualization project… It not only can, but it should.

Trying to manage virtual environments with traditional “physical” oriented tools can be a lot like herding cats - You are going to expend a lot of energy and resources, but ultimately you WILL lose control.

Until the classical data center management and control systems incorporate capabilities like VM Identity Management, enterprise wide oversight and policy enforcement, IT staff will need to protect themselves and maintain control of their environment by using products that do… like Embotics V-Commander….

Comments

  1. They sound like the other company you mentioned last week, Fortisphere. They have a short demo at www.fortisphere.com.

    ReplyDelete
  2. A lot needs to happen. VMLM, Security etc. A lot of start-ups are going for it.

    VMware on the other hand is try to do everything itself after having acquired Dunes and Determina, so I am really curious if customers are willing to jump from one vendor lock to another!

    Not the kind of liberation that I'd advice to the ones want to have the "best of all" within their data centers!

    Anyways its good to see that there are other players as well.

    ReplyDelete

Post a Comment

Popular posts from this blog

Security: VMware Workstation 6 vulnerability

vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus

Splunk that!

Saw this advert on Slashdot and went on to look for it and found the tour pretty neat to look at. Check out the demo too! So why would I need it? WHY NOT? I'd say. As an organization grows , new services, new data comes by, new logs start accumulating on the servers and it becomes increasingly difficult to look at all those logs, leave alone that you'd have time to read them and who cares about analysis as the time to look for those log files already makes your day, isn't it? Well a solution like this is a cool option to have your sysadmins/operators look at ONE PLACE and thus you don't have your administrators lurking around in your physical servers and *accidentally* messing up things there. Go ahead and give it a shot by downloading it and testing it. I'll give it a shot myself! Ok so I went ahead and installed it. Do this... [root@tarrydev Software]# ./splunk-Server-1.0.1-linux-installer.bin to install and this (if you screw up) [root@tarrydev Software]# /op

Virtualization is hot and sexy!

If this does not convince you to virtualize, believe me, nothing will :-) As you will hear these gorgeous women mention VMware, Akkori, Pano Logic, Microsoft and VKernel. They forgot to mention rackspace ;-) virtualization girl video I'm convinced, aren't you? Check out their site as well!