There is no question that virtualization provides benefits to the data center, but management simplicity is not one of them. There are three virtualization challenges that continue to pose problems for many administrators: virtual disaster recovery, virtual machine (VM) backup and data protection, and virtualization security.
The abstraction of virtualization separates applications from the underlying hardware, so it requires a greater level of system planning and management than a traditional nonvirtualized environment might need. Luckily, there are ways to overcome these virtualization challenges and better control your environment.
Virtual disaster recovery
Every organization must have a virtual disaster recovery plan for realistic disasters, although the type and scope of disasters can vary dramatically depending on a company’s location and the likelihood of specific disaster scenarios.
Virtualization technology is not a disaster recovery (DR) solution by itself, but virtualization opens a variety of DR options that may be difficult or impractical in a traditional nonvirtualized environment. For our purposes, virtual disaster recovery mainly involves the movement of data to off-site locations.
When it comes to virtual disaster recovery, proper planning is one of the main virtualization challenges. Administrators need to carefully consider how data moves within the LAN and across the WAN to remote locations. This component of virtual disaster recovery often involves a detailed assessment of connectivity and bandwidth.
It may also include changes in the LAN architecture to optimize the movement of data from NAS or a SAN. Frequent testing is essential to ensure that data can be recovered to the main data center or is usable directly from the remote site -- such as a warm DR site -- so comprehensive testing should always be an integral part of virtual disaster recovery planning.
VM backup and data protection
Data protection is a central priority of most data centers, but represents another of our virtualization challenges. It can support the timely recovery of individual files, but it also plays a much larger role in business continuance and adherence to the requirements of regulatory compliance.
The biggest issue for administrators here is implementing a backup tool that is appropriate for the software and hardware in service, to facilitate virtual data backup and VM backup. “People assume [backup] is exactly the same as in a physical environment,” said Dave Sobel, CEO of Evolve Technologies LLC, a technology provider in Fairfax, Va.. “Most backup software expects to have access to the physical hardware. That isn't the case in a virtualized environment.”
For VM backup, administrators often use snapshot tools and continuous data replication to capture virtual machine states to a SAN, and then use replication tools to copy that data to off-site storage.
When it comes to data protection and VM backup in virtual environments, restoration also presents some virtualization challenges. Granular recovery of data from within a virtual machine snapshot is problematic without the proper software tools. Not all backup software can provide granular recovery from within a VM, which forces the administrator to recover the VM first -- perhaps to a lab server -- and then extract the needed files. At the very least, virtualization will precipitate major changes to previous backup and recovery procedures.
Virtualization security issues
One of the biggest issues with virtualization security is to know that tasks -- such as routine scanning and system patching -- have been performed in a timely manner. For example, if you have 500 systems, it's important for administrators to verify that all 500 systems are running the latest patch levels for their applications and operating systems.
The abstraction presented by virtualization security often confuses task management. Administrators can easily lose track of which host OS and VMs are updated properly and can be further complicated by the mobility of each workload, making it almost impossible to tell which workloads are where. A forgotten patch or missed scan can leave a VM or host server open to attack.
Although tools can automate many everyday virtualization security tasks, poor practices can easily render the best tools useless. As a result, experts underscore the importance of well-refined management practices that can be mapped to tools or even implemented manually if the need arose.
Stephen J. Bigelow, a senior technology editor in the Data Center and Virtualization Media Group at TechTarget Inc., has more than 15 years of technical writing experience in the PC/technology industry. He holds a bachelor of science in electrical engineering, along with CompTIA A+, Network+, Security+ and Server+ certifications, and has written hundreds of articles and more than 15 feature books on computer troubleshooting, including Bigelow’s PC Hardware Desk Reference and Bigelow’s PC Hardware Annoyances. Contact him at firstname.lastname@example.org.