By Stacey McDaniel
As today's government IT managers struggle to find ways to deal with the incredible amounts of data being produced, they often wonder if there is a better approach than to simply expand the data center. Many turn to virtualization to help them house and manage more data with less effort, always an attractive result when budgets are low and expectations are high. The obvious benefit of virtualization is better control by consolidating servers and bringing them all into a heterogeneous environment. Another potential benefit of virtualization is increased information security.
Virtualization explained
So just what is virtualization? While it has been a part of the IT landscape for decades, only recently have the benefits of virtualization appeared on industry-standard x86-based platforms, which now form the majority of desktop, laptop, and server shipments. As defined by virtualization specialist VMware:
"The term virtualization broadly describes the separation of a resource or request for a service from the underlying physical delivery of that service. With virtual memory, for example, computer software gains access to more memory than is physically installed, via the background swapping of data to disk storage. Similarly, virtualization techniques can be applied to other IT infrastructure layers -- including networks, storage, laptop or server hardware, operating systems and applications.
This blend of virtualization technologies -- or virtual infrastructure -- provides a layer of abstraction between computing, storage and networking hardware, and the applications running on it. The deployment of virtual infrastructure is non-disruptive, since the user experiences are largely unchanged. However, virtual infrastructure gives administrators the advantage of managing pooled resources across the enterprise, allowing IT managers to be more responsive to dynamic organizational needs and to better leverage infrastructure investments."
Centralized management
Virtualized environments allow users to see resources as if they were dedicated to them and administrators can easily manage and optimize resources across the data center. Why is that important? For government IT managers in particular, virtualization can enable them to effectively address a number of critical business challenges, including cost-effective utilization of IT infrastructure, increased responsiveness, and flexibility in adapting to organizational changes. Virtualization is also a welcome technological innovation in today's climate of government budget constraints.
Securing virtualization
With the security threat landscape in a typical government agency changing on a daily basis, security vendors must develop more innovative ways to protect desktop endpoints while allowing end users maximum control over their computing environment. Currently, end users have the ability to modify that environment by, for example, disabling security solutions and installing new programs (both authorized and unauthorized). All this creates additional security threats for security administrators to worry about. Isolating the computer's protection in a virtual environment outside the main operating system would limit the amount of control the end user has and increase the amount of control the security administrator has.
Deploying security in a separate virtual partition also acknowledges the realities of the emerging threat landscape. Increasingly, this landscape contains threats aimed at disabling security technology, and such threats are becoming stealthier and more difficult to detect all the time. By having endpoint security in a separate partition, the security functionality is isolated from the operating system and any possible conflicts within the OS environment. In the event that malware is successful in infecting a desktop environment, the virtual security solution would contain the threat on that particular desktop, isolating it from other network resources.
Virtualization can also improve IT's management capabilities, especially in the areas of remote management, provisioning, problem resolution, asset management, and off-hours maintenance. Because a virtualization solution works even if the user OS is compromised or down, IT can now receive more accurate information for compliance and day-to-day IT management reporting.
Evolutionary security enhancements have just managed to keep pace with threats, but it is clear that more revolutionary security models will be needed to secure the desktop in the future.
Conclusion
The use of virtualization technology will offer a major step forward in government IT security. This innovative approach creates a new layer of security that will be more effective in protecting critical information and applications. Virtualization will also help government agencies to lower IT costs through increased flexibility and responsiveness. Managing a virtual infrastructure enables IT to connect resources to needs quickly and consistently.
As VMware puts it: "With a virtual infrastructure, IT organizations can provision new services and change the amount of resources dedicated to a software service. A data center can be treated as a single pool of processing, storage and networking power. Virtual infrastructure lets organizations optimize their data center and move towards utility computing."
Stacey McDaniel has been writing about high-tech issues for more than six years.