An official API for ESX hypervisor security was announced by VMware and supported by vingt entreprises de securite. The 20 names on board with VMsafe are a who's who of security vendors from big guns Symantec and McAfee to virt specialists like Reflex Security, Blue Lane Technologies and Catbird (yes, the naked ad people). What's the big deal? VMsafe provides a common toolset for monitoring traffic through the hypervisor. ESX hosts become less of a mysterious black box and a touch more transparent. Security vendors can tweak existing tools (or create new VM-specific goodies) to detect illicit traffic and guard against evil, er... compromised guests, malware, etc. Just how good will the new API be for all involved (especially the old-school shops that have been a bit conservative in entering the virtualized world? We'll see. Chris Hoff took a nice first blush at what VMsafe means to you, me, and the market if you care to learn more.
Embedded hypervisors abound... VMware announced that Dell, IBM, and HP will be shipping servers with ESX 3i within 60 days. Fujitsu/Siemens is shipping 3i 'Primergy' boxes now, starting around EUR 2,300, or $3,492. To paraphrase Diane Green, CEO: VMware is very excited about this. VMware, Citrix, and VirtualIron are all working with major server vendors to get embedded or at least pre-installed. You know all players are hoping to grab as much share as possible before Hyper-V starts rolling on, what, 95% of all shipping servers? So hurry up, get your platform in the customer's door, gain mindshare, and be on hand for a simple upgrade when requirements increase. You can bet that VMware is looking to supersize 3i boxes to VI3 as soon as it can.
Following up on the 3i thread, Emulex demoed its HBA management toolset for 3i hosts. While few folks use HBAs and sexy in the same sentence, 4 Gbps and 8 Gbps make the Fibre Channel world go 'round. Want to get that new embedded-hypervisor host up, spinning, and connected to your FC SAN? I spoke with Scott McIntyre, a VP at Emulex, earlier this week and I feel he is one of those folks who could use sexy to talk about HBAs. Emulex has put a bunch of development work into this as well as developing solutions for Win2K8, Oracle's virt offerings, and FCoE. Centralized management of HBAs and virtual HBAs makes your life a heck of a lot easier, and Emulex integrates those management tools with 3i out of the box.
And since we're talking I/O... Neterion formally joined the VMware TAP program, bringing its 10 GbE goodness to ESX 3.5 and 3i via the Xframe product line. Drivers are available now. I met with reps from the company for a chat prior to VMworld; the Xframe adapters support I/O virtualization in hardware. Neterion has had its eye on virtualization throughout the design of this product line. The booth demo showed an IBM x3850 with three VMs pulling a consistent 9.8 Gbps benchmark. While I'm sure real-world mileage will vary, performance tuning for 3.5 and 3i virtualized environments seems to have paid off, with full support for VMotion and integrated management tools.
And... Sun will now provide full support for the VMware Infrastructure product suite on its x86 servers while continuing to support homegrown xVM. Which leads us to more desktop virtualization. Sun also showed off its Virtual Desktop Infrastructure 2.0, rolling on ESX server and VMware Virtual Center to deliver network-based desktops. This will run on thin clients, SunVDI, or VMware (on Mac or PCs) to deliver a user desktop. How many virt desktop solutions are there again?VMworld Europe offered a bunch o' news. VMware and others come out strong on systems management and security tools. I guess they have been listening to their customers.