But there are some servers that virtualization just can't handle, Rapp notes, so they continue to reside on dedicated physical servers. Among those nonvirtualized servers are the VoIP servers, whose I/O needs are too high. The bank also keeps file servers on dedicated boxes to get the extra I/O speed — because virtualization makes several server instances share disks, CPUs, buses, and network connections, an I/O slowdown occurs. In many cases, that slowdown doesn't affect overall performance, but it can be an issue in I/O-intensive functions involving file servers, e-mail servers, and database servers, Rapp notes. "Everything that doesn't require sophisticated timing, specialized hardware, or high performance now goes onto VMware servers," he says.
In some cases, the VMs' operating systems can be tweaked to allow deployment as a virtual machine, Rapp says. That's the case for his RSA security-token servers, which needed to be fine-tuned to ensure there was no lag between the issuance of a new key and processing of a key response from a user. Sometimes, the issue is physical. For example, telephone-banking servers require special hardware cards for telephony functions, which can't be plugged into a VM.
Beyond better utilization and lower power consumption, virtualization lets the bank deploy servers faster, since it can create them in 10 to 20 minutes from standard images, rather than hand-install them as in physical environments — a two-week process, Rapp says. But the ease of deployment does have a dark side, he notes. Because it's so easy to make a new server, "proliferation is an issue," Rapp notes, one that could drive up overall management overhead.