Cisco, NetApp, and VMware Tuesday announced a project to improve the security of virtualization deployments, with a focus on isolating applications that use the same physical network, server, and storage resources in multi-tenant systems.
The companies are providing clients a "secure multi-tenancy design architecture," an 80-page document that details how to safely deploy virtualized applications with products from the three companies, and are introducing a cooperative support model to make it easier for customers to resolve problems.
Virtualization security remains a work in progress
The "pre-tested and validated" design architecture is for customers who have deployed the Cisco Unified Computing System; Cisco Nexus Switches; NetApp FAS storage with MultiStore software, which creates logical partitions within a storage system; and VMware's vSphere virtualization software with vShield, another tool that creates secure, logical partitions in virtual systems.
System integrators and channel partners will also be able to use the design to sell stacks of hardware and software composed of the technology from all three companies.
Although this announcement does not include any new technology, representatives of the vendors said it can be difficult for customers to link the Cisco, NetApp and VMware products together in a way that protects them from dangers that crop up in multi-tenant environments. If configured properly, applications and associated data can be isolated between business units, customers, departments or specified "security zones."
"We see this as applicable for both enterprises and cloud service providers," says NetApp chief marketing officer Jay Kidd. Any IT shop building a highly virtualized, shared infrastructure at a large scale wants to isolate applications from each other to limit security risks and downtime, he said.
VMware is owned by storage company EMC, but it's not shocking that VMware is partnering with NetApp, says Enterprise Strategy Group analyst Mark Bowker. NetApp "is successful in the virtualization market as well, so it's no surprise," he says.
Although the design architecture is limited to deployments involving Cisco, NetApp, and VMware, Bowker said it could prove helpful to companies pursuing extensive virtualization projects.
"Having big vendors like this work together will help ease that transition to move business critical and mission critical applications" to virtualized servers, he said.
With the new, cooperative support model, customers that have implemented the reference design architecture can call any one of the three vendors when there is a problem. The vendor that receives the initial call will take the lead, but all three companies will work together to resolve the problem. The cost of support will remain the same.
Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin.