VMware Global Alliances Blog

Posted by Travis Nisbett
Hosting.com, Sr. Product
Manager

There’s a very common saying – disaster happens. Actually, that’s not the saying, but it is close enough. And disasters come in a variety of flavors – everything from people making mistakes to horrible disasters like hurricanes.  In any case, when something happens, you want to be ready for it and be able to continue moving forward. That’s true in our personal lives, and it’s true in the business world.

Drivers have auto insurance for that very reason. Insurance provides the funds necessary to continue to be able to repair a vehicle after an accident. Hopefully, insurance is something you won’t ever need.But it provides peace of mind in the meantime. In some locales, regulatory compliance means that you must carry insurance.

Hosting.com has been working with VMware to provide insurance in the form of Disaster Recovery services to our customers. These services provide organizations with the ability to operate mission-critical business solutions quickly after a disaster interrupts operation. Historically, when a disaster occurred, it took a great deal of time, energy, and resources (both human and capital) to get those business systems back up and running. In addition, there are intangible costs such as loss of reputation and brand equity, as well as impacts on customer satisfaction. Thanks to Cloud Replication, a service for disaster recovery that utilizes VMware’s SRM 5 solution, companies can now have replacement systems operational in a very short period of time (often less than 15 minutes) with very little data loss.

Hopefully, a disaster doesn’t happen and you won’t need to implement the disaster recovery.  But what about that peace of mind? Cloud Replication from Hosting.com includes non-disruptive testing capabilities so that you can test your disaster recovery plans at your leisure - according to a set schedule or whenever your systems change. And just like the situation where some government agencies mandate auto insurance to remain in compliance, some oversight organizations require disaster recovery planning and testing of such plans to remain in compliance.

The Hosting.com Customer Portal makes such testing quick and easy. A single mouse click on the “Test” button starts a test. This causes no interruption to the production system. And the results of the test are readily accessible in a report that shows all recovery steps and their success or failure (see screenshot below). That provides the peace of mind that IT managers want and need.

The following chart provides a picture of the test output in the Hosting.com customer portal. As you can see, this provides a clear illustration of the test results that can be utilized to ensure RTO / RPO targets are being met and also to provide to third parties for compliance purposes.

Cloud Replication from Hosting.com provides disaster recovery services that used to be available only to the largest organizations. The fact is all companies  run mission-critical applications and need a cost-effective way to protect their data. Cloud replication is a fast, secure, and affordable insurance policy.

For more information on Hosting.com’s cloud-based disaster recovery solutions, please register here for the DR to the Cloud webinar on May 17th featuring experts from VMware and Hosting.com or watch the video below from the Hosting.com Cloud Replication webpage.

Posted by Paul Vasquez
Strategic Alliance Manager

It’s difficult to imagine the future, but every day CIOs make decisions that impact the trajectory of their businesses. Some decisions are simple cost equations. Will a new solution save the company money, and is the savings enough to justify the purchase? Other decisions affect business and IT agility. Will a new solution improve time to market or deliver an equally important competitive advantage? In the case of virtualizing mission-critical applications with Symantec and VMware, the answers are yes and yes.

We have been working closely with Symantec to deliver enterprise solutions that increase the security, compliance and availability of virtualized business-critical applications while reducing costs. As a result of our tight collaboration and joint development, together we now offer:

• Extensive protection for virtual and cloud environments, including five security integrations with the VMware cloud infrastructure suite. Symantec Data Loss Prevention, Symantec Control Compliance Suite, Symantec Critical System Protection, Symantec Security Information Manager (SSIM) and Symantec Managed Security Service (MSS) all are designed to ensure customers have both the security and compliance controls necessary for private or hybrid cloud deployments..
• Comprehensive high-availability  with vSphere High Availability and Symantec ApplicationHA. We also jointly offer Symantec VirtualStore and optimized storage I/O performance and availability. These solutions enhance the availability of Tier 1 virtualized applications, improve application manageability through visibility, and support the rapid provisioning of servers and virtual desktops.

For additional information on these and other Symantec solutions for VMware, please visit our Virtualization resource page at Symantec.com.

While it’s important that all applications remain accessible and protected when virtualized, it’s critical that they remain highly available and highly secure when they are the applications that run your business. Symantec and VMware virtualize your mission-critical business applications—including Microsoft Exchange, SQL, SharePoint and others—with confidence.

Vision is having foresight. Looking ahead, there’s no reason to simply imagine how these solutions will impact your business. Come see how they really work. Join us at Symantec Vision 2012, May 7-10 in Las Vegas.

Posted by Wen Yu, Alliances
Staff Systems Engineer

Looking for a low risk, agile and efficient architecture for your small cloud infrastructure deployment?  Look no further because the VMware, NetApp and Cisco Entry Level FlexPod will be your answered.   Entry Level FlexPod provides the value of FlexPod sized right for smaller workloads. Suitable for uses that include midsize enterprise workloads and remote or branch offices, FlexPod ES brings large-enterprise-class IT infrastructure to smaller deployments at a price that fits limited IT budgets.  Let’s take technical dive into the architecture, and the built-in joint integrations that make life simple for IT architects and administrators.

Unified Highly Available, Scalable Architecture

Compute: Cisco UCS C200 rack mountable server connects directly to the Nexus 2000 fabric extender

Network: Cisco Nexus 2000 series Fabric Extender provides scalable unified server access across 1Gb to 10Gb Ethernet, and also serves as the extension to the access layer Nexus 5000 switch.  All C200 servers connected to the fabric extender become a single unified highly available management domain

Storage: NetApp FAS2240 storage, with built-in 10Gb support, and also capable of running Data ONTAP Cluster mode

Cloud Infrastructure
The above hardware architecture serves as the solid foundation for VMware Cloud Infrastructure, which consists of vSphere, vCenter and Site Recovery Manager, to provide end customers with a highly available, scalable solution with built-in automation, hardware acceleration, management and business continuity capabilities.

Built-in Integration At a Glance

In addition to the built-in integrations above, the following VMware Cloud Infrastructure features help providing additional benefits for IT Architect and Admin, please refer to NetApp and VMware joint best practices paper TR3749 for further details.

Key Takeaway
Want to be part of the cloud journey?  The first step is to lay the right foundation. VMware Cloud Infrastructure, together with Entry Level FlexPOD, provides customers with simple, low risk, highly available, highly efficient and highly scalable architecture – we can take you there!

Posted by Glenn Weyhausen
Sr. Partner Marketing Mgr,
vCloud Service

Is security in the public cloud possible? In Part I of this blog series we highlighted the experiences of two Bluelock customers and how their move to the public cloud was actually motivated by the need to meet strict regulations and compliance requirements. By taking advantage of Bluelock’s numerous security accreditations and strong physical security, Bluelock’s customers were able to achieve improved security and significant savings in their move to the public cloud.

In Part II of this blog series, we’ll review the experiences of two iland customers and the benefits they received by moving to the public cloud. iland Internet Solutions, provides hosted cloud infrastructure services in North America and Europe that enable customers to leverage enterprise class infrastructure in the form of virtual datacenters with flexible billing and capacity models.

GxPi – Creator of Electronic Document Management Solutions for Life Sciences Meets Regulatory Requirments with iland

GxPi is a ten-year veteran working in Good Practice (GxP) compliance, and provides products and services that simplify compliance with the regulatory requirements within the Life Sciences sector. The company is headquartered in the UK and therefore must comply with specific GxP requirements and regulations.

Of the company’s decision to utilize a cloud infrastructure as a service (IaaS), the managing director stated, “[Security and operations] is not our core business…I know some cloud providers can do this job better than we can, this is what they focus 100% of their energy on.” 

The managing director then shared that by moving GxPi’s applications to the cloud, they were able to:

• Increase focus on their core business;
• Achieve a superior IT solutions and cost savings;
• Take advantage of iland’s reporting and audit capabilities

According to the managing director, “There are significant savings from operations. Just the capital investments I used to make are equivalent to what I pay for my cloud solution, and that covers everything.”

eMix – Medical Information Exchange Provider Uses iland to Deliver Secure Medical Information

eMix is a company that provides medical information exchange across several locations and between hospitals, healthcare institutions, physicians and patients. This sensitive information includes medical scans, pictures, x-rays, and other medical documents. Companies operating within the health care industry are under heavy regulatory oversight, so security is a major concern for eMix.

After attempting to operate their own datacenter for six months, it became clear to the company that it was not the best solution. eMix’s general manager (GM) commented, “CIOs have matured from erroneously thinking that just because the data was in their datacenter it was more secure. The fact is that the security effectiveness is based on the implemented policy and strategy with careful tracking and auditing, not where it is or whose equipment it is on.”

The company then decided to adopt a cloud solution in order to:

• Increase the reliability, availability and scalability of its business
• Take advantage of expert cloud staff with round-the-clock support and response

Because eMix already runs their private cloud on VMware technology, they required a provider that offered a VMware vCloud public cloud solution. iland was selected based on its strong partnership with VMware, solid customer focus and responsiveness.

According to eMix’s GM, the development of enterprise-class cloud services and the security capabilities of those services now make the public cloud not only a viable, but also an appealing alternative.

For more information, download the Public Cloud Security Advantage Whitepaper, and stay tuned for Part III of this series, where we’ll be diving into the experiences of two Tier 3 customers in their move to the public cloud. For more stories from the VMware Service Provider and Partner Network, be sure to check out vCloud Blog, and follow @vCloud and @VMwareSP for future updates.

Posted by Glenn Weyhausen
Sr. Partner Marketing Mgr,
vCloud Service

While security is still considered a large inhibitor to the adoption of public cloud, it has also become one of the top reasons for some companies to select a public cloud. This is because with increasing regulations and compliance requirements, many companies that need state-of-the-art security infrastructure, software and personnel have found that an enterprise-class public cloud solution is the best option for their computing needs.

In Part I of this blog series, we’ll highlight the experiences of two Bluelock customers in industries burdened by strict security requirements, whose move to the cloud was motivated by the desire to receive better security than they could provide themselves.

Financial Software Company Uses Bluelock to Deliver Secure Cloud Solution
The first company we’ll highlight is a financial company that produces software to manage trusts and provides investment management software for governments, banks, IRAs and law firms.  According to the company’s president and chief operating officer (COO), the company wanted to move its operations to the cloud in order to achieve these benefits:

• Secure and reliable platform to provide a SaaS offering
• Improved security standing
• Instant scalability to meet the demands of existing clients
• Flexibility to capture new customers
• Reduced costs
• Minimize IT operational demands

While many questioned whether a public cloud solution was the most secure option for a financial company, both the president and COO agreed that between Bluelock’s finger print security and man traps at their facility, “Bluelock’s private cloud has more security than we have at our own datacenter.”  They also added that though the cloud hosting costs are what their hardware costs would have been to build out, they are saving on personnel, operations, and reporting, and in sum, are “getting a better and more secure solution for much less.

Provider of Smart Meters Meets Strict Utility Security Requirements with Bluelock
The second company we’ll highlight is a software company that provides software meters to utility companies. The company’s operations director explained that their initial motivator to the cloud was to provide infrastructure for development and testing, allowing teams across the world to utilize a common infrastructure that would scale to meet customer needs. They looked at public cloud solutions to simplify their IT operations and provide high security.

The company selected Bluelock due to their numerous security accreditations, strong physical security, and ability to act as a partner and advisor, not just an infrastructure provider. According to the operations director, the top benefits the company experienced from their cloud deployment includes:

• Improved user experience
• Better overall performance
• Significant savings on capital outlay

Additionally, the company has shared, “Yes, the cloud is providing cost savings, but our development team has a lot more flexibility and this will create new options for our customers in the future.”

As the experiences of these two companies show, companies of all sizes and industries, even those that are heavily regulated, have seen the value of moving to the public cloud.

For more information, download the Public Cloud Security Advantage Whitepaper, and stay tuned for Part II of this series, where we’ll be diving into the experiences of two iland customers in their move to the public cloud. Be sure to follow @vCloud and the VMware vCloud Blog.

Posted by Dave Asprey
Trend Micro, VP Cloud
Security Virtualization
& Cloud Tech Evangelist

Virtualization serves as a foundational technology for cloud computing. Many IT organizations with mature virtualization deployments report that security and compliance with regulatory requirements, industry standards and IT best practices are easier to attain.* Previously, security and compliance were perceived as major concerns for moving to the cloud, as indicated by an earlier survey of chief information officers.

At this year’s RSA conference, Steve Quane, Chief Product Officer at Trend Micro spoke about the recent introduction of Trend Micro Deep Security 8—our new comprehensive server security platform. Deep Security 8 is designed to accelerate the ROI of virtualization and cloud projects for VMware environments, while simplifying security operations and providing ‘better-than-physical’ security.

VMware and Trend Micro partnered to deliver the first agentless antivirus solution. We have expanded our offerings to provide a full agentless security platform integrated with the VMware vShield Endpoint APIs. Specifically, Deep Security 8 adds agentless File Integrity Monitoring to vShield using the vShield Endpoint APIs. Integrity Monitoring is a key component of a layered defense approach, which can be effective in combating targeted attacks, also known as “APTs” or Advanced Persistent Threats.

To learn more or to try Deep Security 8, visit Trend Micro or VMware Solution Exchange.

* Enterprise Strategy Group. “Virtualization Market and the ESG Virtualization Maturity Model.” Mark Bowker and Jon Oltsik. April 2011.

Posted by Jeremiah Cornelius
Information Securiy Architect
VMware Technical Alliances

This year’s RSA conference set a new benchmark for VMware presence and the reach of our partnerships for securing the virtual datacenter and cloud computing models.  It’s been exciting to see the evidence of a growing partner ecosystem that is focused on solving the real security needs of customers with VMware as their enabling platform.

Two years ago, it was difficult to find anything on the exhibition floor with much of a security approach for virtualization. By last year’s conference, the ubiquity of virtual platform adoption could be seen, but often with little done to enable data center transformation. Today, there are many more technologies for realizing virtual and cloud solutions among the exhibitors.  I predict that we’ll next year we’ll see near disappearance of many of cloud messages, as mainstreaming continues.

What’s different for VMware? At the 2011 show, we had one partner, with solutions integrated on our vShield technology.  Now, we are featuring co-exhibition by fifteen global alliance partners, many with multiple solutions on display and actively promoting vShield in their centerpiece offerings.

Another indicator of the mainstreaming of clouds and virtualization was the “Cloud Computing” conference track that featured 29 breakout sessions. The keywords “cloud” and “virtual” yielded over 75 sessions presented at RSA 2012, and the subject came up in every session I attended - even those seemingly unrelated.

In addition to standard track offerings for RSA conference attendees, the Cloud Security Alliance was hosted at RSA 2012 for their annual summit.  The closing keynote was given by VMware’s own CTO, Steve Herrod. It was great to have Steve deliver the vision and solution of a VMware architected cloud.

As VMware continues to develop our excellent capability as the leading platform for building private cloud infrastructure, the opportunity will grow for our partnerships that yield robust and dynamic security solutions – delivering on the promise of security that is “better-than-physical”.  The RSA 2012 successes are our sign of what’s to come, and I’m already looking forward to next-year’s conference.

Posted by George Gerchow
Director, VMware Center for
Policy & Compliance

Hi everyone! I’m in beautiful SF today attending the RSA Conference. If you are not familiar with this conference, this is the premier Security Conference in the world. One solution that I am really jazzed about is on display at the RSA booth in the Expo Hall, integrates a number of core configuration compliance related technologies from VMware, EMC and RSA.

This IT Governance, Risk and Compliance (GRC) solution leverages EMC’s Network Configuration Manager (NCM) and Storage Configuration Advisor (SCA); along with VMware’s vCenter Configuration Manager (VCM) to automatically and continuously collect and evaluate configuration compliance across Network, Storage and Compute layers within the data center. The cherry on the top is RSA’s Archer eGRC solution which integrates the results of these domain specific configuration management offerings and provides a consolidated, integrated and comprehensive view of IT configuration compliance across the entire data center.

With this solution, teams responsible for ensuring the configuration compliance of the IT infrastructure across the entire enterprise can begin to achieve a coordinated view of compliance across all infrastructure layers. Anyone that has been involved in trying to solve this kind of problems in the past can appreciate both how difficult a task this can be and by extension what an accomplishment this is. There is a much more detailed write up of the integrated solution on the EMC ManagedView blog so please check it out.  If this looks like an approach that can help you achieve security and compliance related objectives in your enterprise, I encourage you to follow up with EMC, RSA or VMware sales for more information.

Finally, in the words made famous by the Monty Python show  “now for something completely different” -  check out this new video about Security and Compliance that my colleagues back on the ranch just created.  Let us know what you think and if you like it pass it on.

Posted by Shobhana Viswanathan
Senior Marketing Manager -
Global Alliances

 The RSA Conference 2012 is right around the corner! The event takes place between February 27^th and March 2^nd, at the Moscone Center in San Francisco. Every year has a different theme, and this year’s is “The Big Cipher Mightier than the Sword”.

Top 3 Reasons to attend the RSA Conference

1.     Meet  your peers, zero in on the latest security and compliance trends solutions

With a keynote from former British PM Tony Blair and a strong presence by VMware and its security ecosystem partners  -   this year is definitely going to be a fabulous event!  Attend keynotes, sessions and network with your peers at the Moscone Center.

2.     Learn  why  clouds built on VMware are more secure than any other environment

Clouds and virtualization offer powerful ways for organizations to manage and use information, but security and compliance continue to be inhibitors in their journey to the cloud.  Come and visit our booth #2041 to see how VMware, combined with our security partners, collaborate to develop jointly integrated solutions that improve customers’ trust in the cloud.  We have a slew of partners both big and small – Symantec, Trend Micro, Kaspersky, McAfee, HP Tipping Point, Hytrust, BitDefender, Sophos, …the list goes on!

3.     Engage with VMware social media activities

Attend the VMware and Trend Micro Tweetup which takes place at the VMware booth on Tuesday, February 28^th from 5:00 – 5:30. we will discuss how VMware and Trend Micro can help you secure your customers journey to the cloud. The tweetup is hosted by:

•  Dave Asprey, Trend Micro, VP of Cloud Security - @daveasprey    
•  George Gerchow, VMware, Director, Center for Policy & Compliance - @georgegerchow    
•  Rob Randell, Principal SE, Federal    
•  Jeremiah Cornelius, Alliances Partner Architect

There will also be a tweet-to-win contest where we will ask participants to answer a question on twitter using hashtag #VMwareRSA and those who tweet will be entered to win some great prizes. So visit our booth or tune into @VMwareEvents  and @VMware_Partners to learn more about this opportunity.

Hope to see you there!

Posted by Alicia Gaba,
Bluelock, Marketing Manager

Enterprise IT departments are facing increasing pressure to say “yes” to the business more often. They must provide better, faster service to their users while at the same time reducing costs. Given the sizeable investment of providing and managing the IT infrastructure that supports day-to-day operations, companies are taking a closer look at how to deliver IT services more cost effectively to the lines of business these services support. At the same time, CIOs are beginning to realize the strategic implications of the cloud and its ability to change the way they do business.

Bluelock and VMware are working closely together as strategic partners in order to deliver the next generation of enterprise-class hybrid cloud offerings. Based on the VMware vCloud Datacenter Service, Bluelock Virtual Datacenters provide the security, interoperability, and control that midsize and larger companies require to transform their datacenters into IT game-changers.

vCloud Director and vCloud Connector

Bluelock Virtual Datacenters take just minutes to set up, either through Bluelock’s managed services team or the VMware vCloud Director-based, self-service interface. The Bluelock Virtual Datacenter uses VMware’s cloud infrastructure technology, including vCloud Director, vCloud API, VMware vSphere, and vShield security. Using a common management and security model, IT can securely move workloads between internal datacenters and Bluelock Virtual Datacenters.

 VMware vCloud Connector enables Bluelock clients to move virtual machines, vApps, and templates between internal datacenters and Bluelock Virtual Datacenters with a centralized hybrid cloud management user interface. The vCloud Connector plugs into vSphere Client and allows administrators to access their consoles remotely; gain deep visibility into virtual resource allocation and consumption; and connect and manage all virtual and cloud environments.



SECURITY AND COMPLIANCE

Security is one of the biggest concerns for organizations that are considering cloud adoption. Bluelock’s advanced architecture and heightened emphasis on security offer the assurance that any applications and data moved to the cloud hosting environment will be adequately protected. Bluelock not only maintains important industry certifications and passes specific audits on behalf of its clients, but also helps clients to obtain vital certifications, such as PCI compliance, that will differentiate them in the marketplace. Bluelock Virtual Datacenters deliver consistent and auditable security and performance, as well as technical capabilities such as network isolation, role-based access control, and directory services integration.

 As enterprises evaluate the use of public and private cloud solutions, they also need to consider the security benefits and options offered by each.  While the hybrid cloud concept introduces new architecture considerations such as data migration, multi-cloud management, and distributed security models, it also presents new possibilities where security is concerned.

By determining the security requirements of your data, you’ll gain greater insight into which cloud model is most appropriate for your organization and whether your needs would best be served by an experienced cloud service provider. Table 1 shows an example of how an organization might weigh their cloud options for their particular context.

                                Source: Security in the Hybrid cloud: Putting Rumors to Rest (Bluelock and VMware whitepaper)

To learn how to deal with these security concerns, visit Bluelock’s resource center to access the cloud security whitepaper, Security in the Hybrid Cloud: Putting Rumors to Rest.