AnilDesai.net

Cloud Computing, Virtualization, .NET / SQL Server Development; Consultant / Author / Speaker

Archive for September, 2008

Managing Hyper-V Security

Sep 24

Posted by Anil Desai in Microsoft Hyper-V, Security, Virtualization | No Comments

I still remember some of my first questions when working with an early test version of Hyper-V (previously known under a wide variety of different names).  OK, I admit that it wasn’t all that long ago.  One of my main questions was related to managing permissions for virtual machines.  After all, not every user (or administrator) should have full permissions on each VM.  Well, Hyper-V does provide flexible and manageable methods for setting up roles and permissions. 

My recently SearchServerVirtualization.com article, Managing Hyper-V’s Security Permissions, describes the details.  From the introduction:

The burdens of managing security permissions are rarely seen as exciting, but they’re an essential duty to which we systems administrators are sworn to carry out. In this tip, I’ll talk about how you can configure and manage permissions for your Hyper-V host servers.

We all rely on a variety of different security methods to ensure that only authorized users can access data center resources. Specific components of overall security range from physical access limitations to network authentication and permissions management. Virtualization brings with it some new requirements, namely the ability to specify which types of actions users can take on host systems.

It’s certainly possible for administrators to manage virtual machines when they don’t have access to the guest OSes themselves. The ability to granularly define authorization rules is essential for production servers. Fortunately, Hyper-V provides methods for defining and maintaining these permissions. But, as you’ll soon see, it’s not an entirely intuitive approach.

The article provides details, steps, and screenshots that help describe the use of the powerful (but unfortunately nick-named) AzMan.

Hyper-V in Review: Strengths and Drawbacks

Sep 8

Posted by Anil Desai in Best Practices, Microsoft Hyper-V, Virtualization | No Comments

It has been several months since Microsoft’s Hyper-V has become officially available.  Since then, there have been some twists and variations, including a dedicated Hyper-V Server product that doesn’t require any Windows Server licenses (I’ll write about that sometime in the future).  It seemed like a good time to take a small step back and re-assess the state of Hyper-V.  In the early days, there was no shortage of fear, uncertainty, and doubt (FUD) being cast at the product.  Just a few months later, most experts seem to agree that Hyper-V is ready for the Enterprise and is a perfectly-viable option for data center deployments.

My recent SearchServerVirtualization.com article, Assessing Hyper-V’s Benefits, limitations looks at some of the details.  From the article’s introduction:

Earlier this year, the letters "ESX" were synonymous with server virtualization and VMware seemed to be the only practical game in town. It has now been a few months since a stealthy little software behemoth from the Pacific Northwest released its serious virtualization contender. And in that time, things have changed. In this tip, I’ll highlight some of the post-release considerations for Hyper-V.

Hyper-V’s strengths and weaknesses
Hyper-V’s primary strength is probably its ready availability in the data center. If you’re running Windows Server 2008 on 64-bit hardware, you’re just minutes away from enabling an industrial-strength Hypervisor. Hyper-V’s management tools should be familiar to anyone who manages Windows systems, and the last few months have shown that it is a stable and reliable option for the data center.

Of course, Hyper-V is not without its limitations. Virtualization experts are quick to point out that it doesn’t support live migration of VMs between servers and doesn’t allow administrators to over-commit memory (VMware provides both features). But, Hyper-V provides numerous options based on clustering, so building highly-available Hyper-V deployments is possible and supported. Users of this new product on the enterprise virtualization scene will need some time before completely trusting this candidate over the incumbents.

The full article is available for free and provides details related to support policies, and technical pros and cons of Microsoft’s latest virtualization product.

Webcast: Managing VM Sprawl

Sep 1

Posted by Anil Desai in Management, Virtualization, Webcasts | No Comments

I recent recorded a webcast, sponsored by Computer Associates (CA), titled Managing Virtual Machine Sprawl: Best Practices.  From the abstract for the presentation:

Virtual Machine (VM) Sprawl is an issue that is common with organizations that have dipped their toes in virtualization. It can cause issues with system management, security, resource optimization and lack of IT control, as well as workload management including software, hardware and services.

Virtualization expert Anil Desai reviews the definition of VM sprawl including impacts ad challenges, best practices for end-to-end management and centralizing administration and benefits of workload automation.

The free webcast is an overall description of the many different causes and effects of the rapid proliferation of unmanaged VMs and some suggestions on how IT departments can gain (or regain) control over their environments.