The vCurve

What would a deployment of over 6 million virtual machines look like? The picture to the right is 10,000 nodes so multiply that by 600. Today we announced that Savvis (NASDAQ:SVVS) has selected Reflex to provide virtual security infrastructure for their new Project Spirit offering. The Reflex vTrust software will be deployed in tandem in the Savvis cloud with the Cisco Nexus 1000V creating a highly scalable cloud infrastructure. Savvis has over 1.4 million square feet of raised floor so if you did some back of the envelope extrapolation, made some assumptions on hardware, and considered every square foot could be used for virtualization hosting, which would never happen but is kind of fun to think about, Savvis could theoretically run over 6 million virtual machines across their existing 28 data centers. Managing the security in that large of an environment presents some pretty tough challenges.

As Phil Koen, CEO of Savvis, has stated, “Without a doubt, security is a single largest customer concern around Cloud.” In addition John Chambers has stated that cloud computing “is a security nightmare and it can’t be handled in traditional ways.” John is right; solving the cloud security problem has been quite challenging. We definitely did not take a traditional approach and instead came up with a very dynamic policy model that can scale to large environments. The Savvis selection of Reflex is a testament to the intellectual property that has been built into the Reflex VMC solution using the vTrust technology and made possible by the new VMsafe technology built into vSphere by VMware.

One of the exciting new possibilities about Savvis and other service providers running the Reflex VMC solution internally is the ability to dynamically move virtual machines between the environments. With the addition of the new VMware vCloud API, VMware has opened up a great foundation for moving virtual machines between your enterprise and the cloud. What Reflex is adding to the vCloud initiative is automating the transfer of sophisticated internal security policy to/from the cloud. Automated security policy transfer means that no matter where virtual machines may live as a part of an application, the security policy of the virtual machines travels with them. This type of policy movement does not make any assumptions about the applications themselves but instead assumes a raw IaaS type of service offering.

To hear more about how VMware, Reflex, and Savvis are working together to advance the state of cloud computing, feel free to register for our joint webinar on October 6th: https://www2.gotomeeting.com/register/679833250

Aaron Bawcom is the Chief Technology Officer for Reflex Systems, a provider of end-to-end virtualization management solutions based out of Atlanta, GA. Contact him at abawcom@reflexsystems.com.

written by Aaron Bawcom \\ tags: Cloud, firewall, security, virtual, vmsafe, vsphere

We are in the home stretch on our next release here at Reflex. I already showed a view of the vmSafe based network policy editor and now I’m going to reveal some more of our vTrust dynamic policy capabilities. The window at the right is an editor for a simple alerting rule.

Using Reflex’s domain specific query language, VQL, a condition is set that looks for a disconnected host event. When that event is detected, a python script is run that adds a new alert into the Reflex management system and sends an email to the administrator

We are combining Reflex’s ability to track events, configuration changes, security alerts, and other information to write comprehensive policy with automated enforcement. The use of the VMware python API, and soon Power Shell, translates to limitless possibilities for policy enforcement in virtual environments.

Want to see more? Sign up for our beta and try it out against existing VI3 environments or use this and the vmSafe component with vSphere.

First Reflex lets you see your virtual environment, now you can take control of it.

Mike Wronski, VP of Product Management
Twitter: @Reflex_Mike

written by Mike Wronski \\ tags: vmsafe, vsphere, vTrust

Reflex has been working hard on our next release to coincide with the general availability of VMware vSphere and the VMsafe initiative. We think it will be game changing for policy and security management in virtual environments, going well beyond a simple security zone.

In the mean time, here is a peek at our new policy interface. Look for an announcement with more details soon.

written by Mike Wronski \\ tags: security, vmsafe, vmware, vsphere