Improving visibility and transparency to better manage virtualised data environments

Data is getting bigger and data protection applications are ill-prepared to deal with the challenges this model poses.

August 13, 2012

By Fred Mitchell, Security Business Unit Manager at Drive Control Corporation

Data is getting bigger, virtualisation is expanding, and data protection applications are ill-prepared to deal with the challenges this model poses. There is a distinct need within virtualised environments to improve visibility and transparency, as virtual machines simply lack the level of visibility seen in physical environments. Virtualised data needs to be protected at the same level as physical data, but in a manner that is fitting to its unique attributes. Organisations need to bridge the gap between old and new, between physical and virtual, and more effectively manage virtualised data centres.

As workloads housed in virtual machines grow increasingly complex, the challenge for organisations lies in maintaining the same degree of security and protection as physical environments enjoy, while still leveraging the benefits of virtualisation. This requires a high level of visibility into the virtual environments, as organisations need to be able to view the virtual environment in order to better secure, protect, backup and recover these virtual machines.

However, there are several unique challenges involved here. Organisations need to avoid backing up large amounts of redundant data, as this can waste storage space and cause unnecessary expense and reduced performance. Enterprises also need to secure virtual machines while they are operational, without sacrificing on performance, and need to have a clear picture of exactly how many virtual machines are running in their environment for security and control purposes.

Solutions for managing virtualised data environments need to have certain features that lend themselves to this environment. They need to be intelligent, able to identify duplicate files to avoid unnecessary redundancy, and able to identify the files that have already been scanned and have not changed so that these files can be skipped, improving performance. IT management solutions also need to be able to quickly and identify all virtual machines active on a LAN. They should also enable organisations to backup virtual machines as entire virtual machines without sacrificing file recovery and without taxing the infrastructure. Furthermore, these solutions should automate the protection of virtual machines, regardless of their location, without hindering operations or infrastructure. The de-duplication of both virtual and physical machine data also should be able to be conducted globally and stored in a single pool.

However, while these features are critical for virtualised environments, this does not necessarily mean that a new backup and security solution is required. These features can also be applied to improve data management within physical environments. A single solution that enables improved management across both virtual and physical environments will provide the highest level of benefit with optimised cost, helping to further bridge the gap between the physical and the virtual.

Backup and storage solutions should also extend beyond data protection and storage.  Improved visibility increases an organisation’s ability to see into the security of virtual environments. Security for virtualised environments has similar requirements to physical environments, but with additional constraints, including the capability to secure the virtual infrastructure while using less memory, less CPU power and less disk input/output so that performance is not negatively impacted by security.

This again requires a certain level of intelligence. Features to look for include the ability to see the risk posed by a file on a virtual machine without opening or scanning it, reducing scan overhead, and the ability to separate physical clients from virtual ones and automatically apply relevant security policies. De-duplicated file scanning further reduces scan overhead by identifying which files have been scanned, and sharing those results across the virtual environment to ensure they are not rescanned unnecessarily. It is also important to for security solutions to be able to scan dark images, in other words scan files on virtual machines that are offline, and ensure that virtual machines are updated and fully compliant with security policies before they can access network.

Gaining greater insight into the virtual environment for improved management and security has a number of tangible benefits, including simplified management, lower IT operational costs and improved IT agility. Ensuring that solutions cover backup, storage and security and apply to both types of environments further extends these benefits, enabling the management of data protection in both physical and virtual systems through one console, simplifying processes and consolidating tools.

With the explosion of virtualisation, adequate data management and protection is critical. Organisations need to ensure that they implement best of breed backup, storage, and security to not only manage but accelerate virtualisation of critical business applications, leveraging the benefits of virtualisation while minimising the risks.