Going Virtual Has Real Risks

By Anthony Mar, Product Marketing Manager, Embotics Virtualization has the potential to reduce IT costs and enable more flexible processes and faster service innovation, but mismanagement can increase costs and vulnerability to risk.

The globalization of the supply chain has created a hypercompetitive environment for manufacturers around the world.  Competition is no longer limited to cost.  To succeed, manufacturers now need to be continuously introducing new designs, better production, supply chain processes and new services.

Innovation in information technology has always contributed to manufacturing innovation. Virtualization is one of the latest waves and is very enticing in this respect.  The versatility of virtualization has the potential to not only reduce IT costs but also enable more flexible processes and faster service innovation.  Managing virtualization is much more complex, however, and mismanagement not only increases costs, but also vulnerability to risk.

Virtualization separates an operating system from the hardware on which it runs.  This means that hardware is shared much easier.  The impact has been huge in the data center.  Using virtualization, data centers save space, power and cooling by consolidating their servers.

There is more to this than meets the eye, however.  The separation adds complexity to virtual machines that physical machines lack.  A virtual environment can change at the click of a mouse, as individual virtual machines (VMs) are created and moved to adjust to changing operating conditions, recover from outages, perform maintenance or deploy services.  This flexibility has vaulted virtualization from a tool for IT operations to a platform for data or network center architectures.

However, the virtualized data or network center contrasts starkly with the physical one.  With virtualization, it is no longer business as usual for manufacturers.

VMs are much more complicated than the physical servers they represent.  This complexity needs to be managed properly.  Four main problems include:
• VM identity
• Management
• Security
• Organization

If these areas are not thought through, control of VMs is quickly lost.

Which VM is this?

The first difference is one of identity. VMs can be copied quickly but are hard to differentiate. Further, VMs can move around the environment a great deal which makes it hard to find the ones you are looking for.

In contrast, physical hardware hardly moves, if it moves at all.  Prior to virtualization, the applications running on the hardware did not migrate either.

This lack of verifiable identity and accurate tracking makes it difficult to enforce corporate policies and can allow unauthorized or “rogue” VMs to creep into an environment unnoticed.

Management tools melt down

Management tools designed for physical servers work off of a set of base assumptions, such as “location is static,” “identity is certain,” or “servers are rarely ‘off’ for long,” which break with the introduction of virtualization.

This creates significant challenges for traditional management tools.  VMs can easily be counted more than once as they move through the environment.  Or not counted at all -- offline VMs are simply not visible to some traditional tools.  Can you imagine trying to prove compliance in such a dynamic environment?  It is even harder to perform troubleshooting or capacity planning.

Security tools must catch up

Traffic between VMs on the same host is invisible to the outside monitoring and is, by definition, no longer inspected by malware checkers or intrusion prevention or intrusion detection (IPS/IDS) systems.  A lot of security systems need to know what they are protecting and where it resides.  This works well when items are not moving around. With virtualization, this is not the case.

So, unless security is re-evaluated and tools are upgraded, adding virtualization may soften your security stance without you knowing it.

Traditional organizations do not work well

Properly administering VMs requires a breadth and depth of skill across multiple areas of expertise.  In fact, this breadth of skill is one of the reasons seasoned virtualization administrators are in such high demand -- it takes a long time to train one and opportunities are abound.

Additionally, there is an organizational challenge introduced by virtualization.  Silos must coordinate much closer in order to deploy and manage VMs properly.

Some manufacturing organizations have gone the route of special cross-silo virtualization teams to bridge this gap.  When more of the data or network center gets virtualized, who is responsible for corporate initiatives like compliance, optimizing hardware and end-to-end costs?

Virtual sprawl is a symptom of losing control

Virtual sprawl is defined as the proliferation of VMs without adequate control.  The affects of virtual sprawl include increased costs vs. plan, such as needing more hardware, more administrative resources or more software licenses.  In other words, virtual sprawl directly reduces virtualization’s ROI.

But virtual sprawl also increases risk.  It is much harder to audit and prove compliance, much harder to troubleshoot and plan capacity, and you need to re-learn how to mitigate for vulnerability and show compliance.

Forewarned is forearmed

Virtualization does have significant benefits for the manufacturing industry but they are negated unless they manage, secure and organize the environment.  When contemplating virtualization, start delving immediately into these areas before virtual sprawl eliminates the virtualization deployment’s ability to stay ahead of the competition.

Embotics provides a centralized management and control system for Virtual Machines (VMs). For additional information, visit https://www.snowsoftware.com/embotics/.