Thursday, August 4, 2011

Securing virtual machines in the cloud

Choosing protection for a virtual infrastructure is a lot like buying an antivirus product for the Mac OS: most people would wonder why you bothered. Nonetheless, as more IT shops migrate their servers to virtual machines and cloud-based environments, it is only a matter of time before protecting these resources becomes considerably more important.
However, you can't just install your firewall or antivirus software on a cloud-based virtual machine (VM). Physical firewalls aren't designed to inspect and filter the vast amount of traffic originating from a hypervisor running 10 virtualized servers. Because VMs can start, stop and move from hypervisor to hypervisor at the click of a button, whatever protection you've chosen has to handle these activities with ease. Plus, as the number of VMs increases in the data center, it becomes harder to account for, manage and protect them. And if unauthorized people gain access to the hypervisor, they can take advantage of the lack of controls and modify all the VMs housed there.
As enterprises move toward virtualizing more of their servers and data center infrastructure, they need specialized protective technologies that match this environment. Luckily, numerous vendors have stepped up to this challenge, although the level of protection is still nowhere close to the depth and breadth available from products that protect physical servers.

Three questions to ask when considering Microsoft Azure

Cloud computing is, for some, a means of escaping from the clutches of traditional computer and software vendors. Most enterprises realize that the value of cloud will depend on how well services integrate with their own IT commitments and investments.
Because Microsoft is so much a part of internal IT, Microsoft's cloud approach is especially important to users. Many will find it compelling; others may decide it's impossible to adopt. Which camp are you in?
The foundation of Microsoft Azure's value proposition is the notion that users must design their enterprise IT infrastructure for peak load and high-reliability operation, although both of these requirements waste a lot of budget dollars. The Azure solution is to draw on cloud computing to fill processing needs that exceed the long-term average. It also backs up application resources to achieve the necessary levels of availability, if normal data center elements can't provide those levels.
This means that Azure, unlike most cloud architectures, has to be based on elastic workload sharing between the enterprise and the cloud. Microsoft accomplishes this by adopting many service-oriented architecture (SOA) concepts, including workflow management (the Azure Service Bus).