Home > Resources > Articles > ACCELERATING AI WITH GPU VIRTUALIZATION IN THE CLOUD

ACCELERATING AI WITH GPU VIRTUALIZATION IN THE CLOUD

In July, VMware acquired Bitfusion, a company whose technology virtualizes compute accelerators with the goal of enabling modern workloads like artificial intelligence and data analytics to take full advantage of systems with GPUs or with FPGAs. Specifically, Bitfusion’s software allows for virtual machines to offload compute duties to GPUs, FPGAs, or even other kinds of ASICs. The deal didn’t get a ton of attention at the time, but for VMware, it was an important step in realizing its cloud ambitions. “Hardware acceleration for applications delivers efficiency and flexibility into the AI space, including subsets such as machine learning,” Krish Prasad, senior vice president and general manager of VMware’s Cloud Platform business unit, wrote in a blog post announcing the acquisition.

Spotlight

Red Condor

Red Condor is revolutionizing spam fighting technology. Red Condor’s highly accurate Email DNA™ filter, hybrid architecture Vx Technology™, and fully managed appliances lead to a dramatic reduction in the cost of owning a premium spam filter. With solutions for small business, as well as solution providers with millions of email inboxes, Red Condor has a cost effective, time saving solution that is rapidly gaining market share. The system’s design has built-in zero tolerance for lost email, and a near zero false-positive rate while achieving long-term spam block rates greater than 99%. This next generation technology is backed by a 24x7 customer care center staffed by email security experts at Red Condor’s headquarters.

OTHER ARTICLES
Virtual Desktop Strategies, Server Hypervisors

VMware Tanzu Kubernetes Grid Integrated: A Year in Review

Article | April 27, 2023

The modern application world is advancing at an unprecedented rate. However, the new possibilities these transformations make available don’t come without complexities. IT teams often find themselves under pressure to keep up with the speed of innovation. That’s why VMware provides a production-ready container platform for customers that aligns to upstream Kubernetes, VMware Tanzu Kubernetes Grid Integrated (formerly known as VMware Enterprise PKS). By working with VMware, customers can move at the speed their businesses demand without the headache of trying to run their operations alone. Our offerings help customers stay current with the open source community's innovations while having access to the support they need to move forward confidently. Many changes have been made to Tanzu Kubernetes Grid Integrated edition over the past year that are designed to help customers keep up with Kubernetes advancements, move faster, and enhance security. Kubernetes updates The latest version, Tanzu Kubernetes Grid Integrated 1.13, bumped to Kubernetes version 1.22 and removed beta APIs in favor of stable APIs that have since evolved from the betas. Over time, some APIs will evolve. Beta APIs typically evolve more often than stable APIs and should therefore be checked before updates occur. The APIs listed below will not be served with v1.22 as they have been replaced by more stable API versions: Beta versions of the ValidatingWebhookConfiguration and MutatingWebhookConfiguration API (the admissionregistration.k8s.io/v1beta1 API versions) The beta CustomResourceDefinition API (apiextensions.k8s.io/v1beta1) The beta APIService API (apiregistration.k8s.io/v1beta1) The beta TokenReview API (authentication.k8s.io/v1beta1) Beta API versions of SubjectAccessReview, LocalSubjectAccessReview, SelfSubjectAccessReview (API versions from authorization.k8s.io/v1beta1) The beta CertificateSigningRequest API (certificates.k8s.io/v1beta1) The beta Lease API (coordination.k8s.io/v1beta1) All beta Ingress APIs (the extensions/v1beta1 and networking.k8s.io/v1beta1 API versions) Containerd support Tanzu Kubernetes Grid Integrated helps customers eliminate lengthy deployment and management processes with on-demand provisioning, scaling, patching, and updating of Kubernetes clusters. To stay in alignment with the Kubernetes community, Containerd will be used as the default container runtime, although Docker can still be selected using the command-line interface (CLI) if needed. Networking Several updates have been made in regards to networking as well including support of Antrea and NSX-T enhancements. Antrea support With Tanzu Kubernetes Grid Integrated version 1.10 and later, customers can leverage Antrea on install or upgrade to use Kubernetes network policies. This enables enterprises to get the best of both worlds: access to the latest innovation from Antrea and world-class support from VMware. NSX-T enhancements NSX-T was integrated with Tanzu Kubernetes Grid Integrated to simplify container networking and increase security. This has been enhanced so customers can now choose the policy API as an option on a fresh installation of Tanzu Kubernetes Grid Integrated. This means that users will have access to new features available only through NSX-T policy API. This feature is currently in beta. In addition, more NSX-T and NSX Container Plug-in (NCP) configuration is possible through the network profiles. This operator command provides the benefit of being able to set configurations through the CLI, and this is persistent across lifecycle events. Storage enhancements We’ve made storage operations in our customers’ container native environments easier, too. Customers were seeking a simpler and more secure way to manage Container Storage Interface (CSI), and we introduced automatic installation of the vSphere CSI driver as a BOSH process beginning with Tanzu Kubernetes Grid Integrated 1.11. Also, as VCP will be deprecated, customers are advised to use the CSI driver. VCP-to-CSI migration is a part of Tanzu Kubernetes Grid Integrated 1.12 and is designed to help customers move forward faster. Enhanced security Implementing new technologies provides users with new capabilities, but it can also lead to new security vulnerabilities if not done correctly. VMware’s goal is to help customers move forward with ease and the confidence of knowing that enhancements don’t compromise core security needs. CIS benchmarks This year, Tanzu Kubernetes Grid Integrated continued to see improvements that help meet today’s high security standards. Meeting the Center for Internet Security (CIS) benchmarks standards is vital for Tanzu Kubernetes Grid Integrated. In recent Tanzu Kubernetes Grid Integrated releases, a few Kubernetes-related settings have been adjusted to ensure compliance with CIS requirements: Kube-apiserver with --kubelet-certificate-authority settings (v1.12) Kube-apiserver with --authorization-mode argument includes Node (v1.12) Kube-apiserver with proper --audit-log-maxage argument (v1.13) Kube-apiserver with proper --audit-log-maxbackup argument (v1.13) Kube-apiserver with proper --audit-log-maxsize argument (v1.13) Certificate rotations Tanzu Kubernetes Grid Integrated secures all communication between its control plane components and the Kubernetes clusters it manages, using TLS validated by certificates. The certificate rotations have been simplified in recent releases. Customers can now list and simply update certificates on a cluster-by-cluster basis through the “tkgi rotate-certificates” command. The multistep, manual process was replaced with a single CLI command to rotate NSX-T certificates (available since Tanzu Kubernetes Grid Integrated 1.10) and cluster-by-cluster certificates (available since Tanzu Kubernetes Grid Integrated 1.12). Hardening of images Tanzu Kubernetes Grid Integrated keeps OS images, container base images, and software library versions updated to remediate the CVEs reported by customers and in the industry. It also continues to use the latest Ubuntu Xenial Stemcell latest versions for node virtual machines. With recent releases and patch versions, the version of dockerd, containerd, runc, telegraf, nfs-utils had been bumped to the latest stable and secure versions as well. By using Harbor as a private registry management service, customers could also leverage the built-in vulnerability scan features to discover the application images CVEs. VMware is dedicated to supporting customers with production readiness by enhancing the user experience. Tanzu Kubernetes Grid Integrated Edition has stayed up to date with the Kubernetes community and provides customers with the support and resources they need to innovate rapidly.

Read More
Server Hypervisors

Addressing Multi-Cloud Complexity with VMware Tanzu

Article | May 18, 2023

Introduction With cloud computing on the path to becoming the mother of all transformations, particularly in IT's ways of development and operations, we are once again confronted with the problem of conversion errors, this time a hundredfold higher than previous moves to dispersed computing and the web. While the issue is evident, the remedies are not so obvious. Cloud complexity is the outcome of the fast acceleration of cloud migration and net-new innovation without consideration of the complexity this introduces in operations. Almost all businesses are already working in a multi-cloud or hybrid-cloud environment. According to an IDC report, 93% of enterprises utilize multiple clouds. The decision could have stemmed from a desire to save money and avoid vendor lock-in, increase resilience, or businesses might have found themselves with several clouds as a result of the compounding activities of different teams. When it comes to strategic technology choices, relatively few businesses begin by asking, "How can we secure and control our technology?" Must-Follow Methods for Multi-Cloud and Hybrid Cloud Success Data Analysis at Any Size, from Any Source: To proactively recognize, warn, and guide investigations, teams should be able to utilize all data throughout the cloud and on-premises. Insights in Real-Time: Considering the temporary nature of containerized operations and functions as a service, businesses cannot wait minutes to determine whether they are experiencing infrastructure difficulties. Only a scalable streaming architecture can ingest, analyze, and alert rapidly enough to discover and investigate problems before they have a major impact on consumers. Analytics That Enables Teams to Act: Because multi-cloud and hybrid-cloud strategies do not belong in a single team, businesses must be able to evaluate data inside and across teams in order to make decisions and take action swiftly. How Can VMware Help in Solving Multi-Cloud and Hybrid-Cloud Complexity? VMware made several announcements indicating a new strategy focused on modern applications. Their approach focuses on two VMware products: vSphere with Kubernetes and Tanzu. Since then, much has been said about VMware's modern app approach, and several products have launched. Let's focus on VMware Tanzu. VMware Tanzu Tanzu is a product that enables organizations to upgrade both their apps and the infrastructure that supports them. In the same way that VMware wants vRealize to be known for cloud management and automation, Tanzu wants to be known for modern business applications. Tanzu uses Kubernetes to build and manage modern applications. In Tanzu, there is just one development environment and one deployment process. VMware Tanzu is compatible with both private and public cloud infrastructures. Closing Lines The important point is that the Tanzu portfolio offers a great deal of flexibility in terms of where applications operate and how they are controlled. We observe an increase in demand for operating an application on any cloud, and how VMware Tanzu assists us in streamlining the multi-cloud operation for MLOps pipeline. Apart from multi-cloud operation, it is critical to monitor and alarm each component throughout the MLOps lifecycle, from Kubernetes pods and inference services to data and model performance.

Read More
Virtual Desktop Tools

Digital Marketplace: The Future of E-commerce

Article | August 12, 2022

It is no surprise that e-commerce has grown dramatically in recent years. I don't want to be boring, but certainly the pandemic and a few other market factors have had a role. From ancient times, marketplaces of all shapes and sizes have served as the foundation for all types of business. As the world transforms and becomes more digital, the rise of digital marketplaces, e-commerce, and other types of online business is exploding. E-commerce marketplace platforms are rapidly expanding in the digital environment and are expected to acquire momentum as the future of e-commerce. This increase is because of the fact that online marketplaces combine user demand and provide customers with a broader selection of products. Digital Marketplaces Are the Way to the Future of E-Commerce Without a doubt, online marketplaces will dominate the e-commerce business in the coming years. According to Coresight Research, marketplace platform revenue will more than double, reaching around $40 billion in 2022. This means that by 2022, online marketplaces will account for 67% of worldwide e-Commerce revenues (Forrester). Today, the issue is not whether you sell online but how far you can reach. E-commerce offers limitless opportunities, and all you need to do is keep pace with the trends. What are you doing right now? How far can you go? Have you already made the transition from local to global? Digital marketplaces are indeed the way of the future of e-commerce. The earlier you realize this and integrate it into your sales and marketing approach, the better. I really mean it. The world is changing, and your competitors are not sleeping. You cannot overlook this trend if you really want to stay ahead. It's all about the people in business, as it has always been. Understanding who you're pitching to is critical to your success. You should be aware. Everything you do in business should get you closer to your target audience. Closing Lines: Digital marketplaces are indeed the future of commerce. People will inevitably start shopping online even more in the future. That implies methods and means will be developed to make such transactions easier for the common individual. Explore how your business might profit from these markets and trends that suggest the future of physical and online shopping.

Read More
Virtual Desktop Tools, Server Hypervisors

Virtual Machine Security Risks and Mitigation in Cloud Computing

Article | April 28, 2023

Analyzing risks and implementing advanced mitigation strategies: Safeguard critical data, fortify defenses, and stay ahead of emerging threats in the dynamic realm of virtual machines in cloud. Contents 1. Introduction 2. 10 Security Risks Associated with Virtual Machines in Cloud Computing 3. Best Practices to Avoid Security Compromise 4. Conclusion 1. Introduction Cloud computing has revolutionized the way businesses operate by providing flexible, scalable, and cost-effective infrastructure for running applications and services. Virtual machines (VMs) are a key component of cloud computing, allowing multiple virtual machines to run on a single physical machine. However, the use of virtual machines in cloud computing introduces new security risks that need to be addressed to ensure the confidentiality, integrity, and availability of data and services. Effective VM security in the cloud requires a comprehensive approach that involves cloud providers and users working together to identify and address potential virtual machine security threats. By implementing these best practices and maintaining a focus on security, cloud computing can provide a secure and reliable platform for businesses to run their applications and services. 2. 10 Security Risks Associated with Virtual Machines in Cloud Computing Denial of Service (DoS) attacks: These are attacks that aim to disrupt the availability of a VM or the entire cloud infrastructure by overwhelming the system with traffic or resource requests. Insecure APIs: Cloud providers often expose APIs that allow users to manage their VMs. If these APIs are not properly secured, attackers can exploit them to gain unauthorized access to VMs or manipulate their configurations. Data leakage: Virtual machines can store sensitive data such as customer information or intellectual property. If not secured, this data can be exposed to unauthorized access or leakage. Shared resources: VMs in cloud environments often share physical resources such as memory, CPU, and network interfaces. If these resources are not isolated, a compromised VM can potentially affect the security and performance of other VMs running on the same physical host. Lack of visibility: Virtual machines in cloud environments can be more difficult to monitor than physical machines. This can make it harder to detect security incidents or anomalous behavior. Insufficient logging and auditing: If cloud providers do not implement appropriate logging and auditing mechanisms, it can be difficult to determine the cause and scope of a security incident. VM escape: This is when an attacker gains access to the hypervisor layer and then escapes into the host operating system or other VMs running on the same physical host. Side-channel attacks: This is when an attacker exploits the physical characteristics of the hardware to gain unauthorized access to a VM. Examples of side-channel attacks include timing attacks, power analysis attacks, and electromagnetic attacks. Malware attacks: VMs can be infected with malware, just like physical machines. Malware can be used to steal data, launch attacks on other VMs or systems, or disrupt the functioning of the VM. Insider threats: Malicious insiders can exploit their access to VMs to steal data, modify configurations, or launch attacks. 3. Best Practices to Avoid Security Compromise To mitigate these risks, there are several virtual machine security guidelines that cloud service providers and users can follow: Keep software up-to-date: Regularly updating software and security patches for virtual machines is crucial in preventing known vulnerabilities from being exploited by hackers. Software updates fix bugs and security flaws that could allow unauthorized access, data breaches, or malware attacks. According to a study, 60% of data breaches are caused by vulnerabilities that were not patched or updated in a timely manner.(Source: Ponemon Institute) Use secure hypervisors: A hypervisor is a software layer that enables multiple virtual machines to run on a single physical server. Secure hypervisors are designed to prevent unauthorized access to virtual machines and protect them from potential security threats. When choosing a hypervisor, it is important to select one that has undergone rigorous testing and meets industry standards for security. In 2018, a group of researchers discovered a new type of attack called "Foreshadow" (also known as L1 Terminal Fault). The attack exploits vulnerabilities in Intel processors and can be used to steal sensitive data from virtual machines running on the same physical host. Secure hypervisors that have implemented hardware-based security features can provide protection against Foreshadow and similar attacks. (Source: Foreshadow) Implement strong access controls: Access control is the practice of restricting access to virtual machines to authorized users. Multi-factor authentication adds an extra layer of security by requiring users to provide more than one type of authentication method before accessing VMs. Strong access controls limit the risk of unauthorized access and can help prevent data breaches. According to a survey, organizations that implemented multi-factor authentication saw a 98% reduction in the risk of phishing-related account breaches. (Source: Duo Security) Monitor VMs for anomalous behavior: Monitoring virtual machines for unusual or unexpected behavior is an essential security practice. This includes monitoring network traffic, processes running on the VM, and other metrics that can help detect potential security incidents. By monitoring VMs, security teams can detect and respond to security threats before they can cause damage. A study found that 90% of organizations that implemented a virtualized environment experienced security benefits, such as improved visibility into security threats and faster incident response times. (Source: VMware) Use Encryption: Encryption is the process of encoding information in such a way that only authorized parties can access it. Encrypting data both in transit and at rest protects it from interception or theft by hackers. This can be achieved using industry-standard encryption protocols and technologies. According to a report by, the average cost of a data breach in 2020 was $3.86 million. The report also found that organizations that implemented encryption had a lower average cost of a data breach compared to those that did not (Source: IBM) Segregate VMs: Segregating virtual machines is the practice of keeping sensitive VMs separate from less sensitive ones. This reduces the risk of lateral movement, which is when a hacker gains access to one VM and uses it as a stepping stone to gain access to other VMs in the same environment. Segregating VMs helps to minimize the risk of data breaches and limit the potential impact of a security incident. A study found that organizations that implemented a virtualized environment without adequate segregation and access controls were more vulnerable to VM security breaches and data loss. (Source: Ponemon Institute) Regularly Back-up VMs: Regularly backing up virtual machines is a critical security practice that can help mitigate the impact of malware attacks, system failures, or other security incidents. Backups should be stored securely and tested regularly to ensure that they can be restored quickly in the event of a security incident. A survey conducted found that 42% of organizations experienced a data loss event in 2020 with the most common cause being accidental deletion by an employee (29%). (Source: Veeam) 4. Conclusion The complexity of cloud environments and the shared responsibility model for security require organizations to adopt a comprehensive security approach that spans multiple infrastructure layers, from the physical to the application layer. The future of virtual machine security concern in cloud computing will require continued innovation and adaptation to new threats and vulnerabilities. As a result, organizations must remain vigilant and proactive in their security efforts, leveraging the latest technologies and best practices to protect their virtual machines, the sensitive data and resources they contain.

Read More
Virtual Desktop Strategies, Server Hypervisors

Efficient Management of Virtual Machines using Orchestration

Article | April 27, 2023

The modern application world is advancing at an unprecedented rate. However, the new possibilities these transformations make available don’t come without complexities. IT teams often find themselves under pressure to keep up with the speed of innovation. That’s why VMware provides a production-ready container platform for customers that aligns to upstream Kubernetes, VMware Tanzu Kubernetes Grid Integrated (formerly known as VMware Enterprise PKS). By working with VMware, customers can move at the speed their businesses demand without the headache of trying to run their operations alone. Our offerings help customers stay current with the open source community's innovations while having access to the support they need to move forward confidently. Many changes have been made to Tanzu Kubernetes Grid Integrated edition over the past year that are designed to help customers keep up with Kubernetes advancements, move faster, and enhance security. Kubernetes updates The latest version, Tanzu Kubernetes Grid Integrated 1.13, bumped to Kubernetes version 1.22 and removed beta APIs in favor of stable APIs that have since evolved from the betas. Over time, some APIs will evolve. Beta APIs typically evolve more often than stable APIs and should therefore be checked before updates occur. The APIs listed below will not be served with v1.22 as they have been replaced by more stable API versions: Beta versions of the ValidatingWebhookConfiguration and MutatingWebhookConfiguration API (the admissionregistration.k8s.io/v1beta1 API versions) The beta CustomResourceDefinition API (apiextensions.k8s.io/v1beta1) The beta APIService API (apiregistration.k8s.io/v1beta1) The beta TokenReview API (authentication.k8s.io/v1beta1) Beta API versions of SubjectAccessReview, LocalSubjectAccessReview, SelfSubjectAccessReview (API versions from authorization.k8s.io/v1beta1) The beta CertificateSigningRequest API (certificates.k8s.io/v1beta1) The beta Lease API (coordination.k8s.io/v1beta1) All beta Ingress APIs (the extensions/v1beta1 and networking.k8s.io/v1beta1 API versions) Containerd support Tanzu Kubernetes Grid Integrated helps customers eliminate lengthy deployment and management processes with on-demand provisioning, scaling, patching, and updating of Kubernetes clusters. To stay in alignment with the Kubernetes community, Containerd will be used as the default container runtime, although Docker can still be selected using the command-line interface (CLI) if needed. Networking Several updates have been made in regards to networking as well including support of Antrea and NSX-T enhancements. Antrea support With Tanzu Kubernetes Grid Integrated version 1.10 and later, customers can leverage Antrea on install or upgrade to use Kubernetes network policies. This enables enterprises to get the best of both worlds: access to the latest innovation from Antrea and world-class support from VMware. NSX-T enhancements NSX-T was integrated with Tanzu Kubernetes Grid Integrated to simplify container networking and increase security. This has been enhanced so customers can now choose the policy API as an option on a fresh installation of Tanzu Kubernetes Grid Integrated. This means that users will have access to new features available only through NSX-T policy API. This feature is currently in beta. In addition, more NSX-T and NSX Container Plug-in (NCP) configuration is possible through the network profiles. This operator command provides the benefit of being able to set configurations through the CLI, and this is persistent across lifecycle events. Storage enhancements We’ve made storage operations in our customers’ container native environments easier, too. Customers were seeking a simpler and more secure way to manage Container Storage Interface (CSI), and we introduced automatic installation of the vSphere CSI driver as a BOSH process beginning with Tanzu Kubernetes Grid Integrated 1.11. Also, as VCP will be deprecated, customers are advised to use the CSI driver. VCP-to-CSI migration is a part of Tanzu Kubernetes Grid Integrated 1.12 and is designed to help customers move forward faster. Enhanced security Implementing new technologies provides users with new capabilities, but it can also lead to new security vulnerabilities if not done correctly. VMware’s goal is to help customers move forward with ease and the confidence of knowing that enhancements don’t compromise core security needs. CIS benchmarks This year, Tanzu Kubernetes Grid Integrated continued to see improvements that help meet today’s high security standards. Meeting the Center for Internet Security (CIS) benchmarks standards is vital for Tanzu Kubernetes Grid Integrated. In recent Tanzu Kubernetes Grid Integrated releases, a few Kubernetes-related settings have been adjusted to ensure compliance with CIS requirements: Kube-apiserver with --kubelet-certificate-authority settings (v1.12) Kube-apiserver with --authorization-mode argument includes Node (v1.12) Kube-apiserver with proper --audit-log-maxage argument (v1.13) Kube-apiserver with proper --audit-log-maxbackup argument (v1.13) Kube-apiserver with proper --audit-log-maxsize argument (v1.13) Certificate rotations Tanzu Kubernetes Grid Integrated secures all communication between its control plane components and the Kubernetes clusters it manages, using TLS validated by certificates. The certificate rotations have been simplified in recent releases. Customers can now list and simply update certificates on a cluster-by-cluster basis through the “tkgi rotate-certificates” command. The multistep, manual process was replaced with a single CLI command to rotate NSX-T certificates (available since Tanzu Kubernetes Grid Integrated 1.10) and cluster-by-cluster certificates (available since Tanzu Kubernetes Grid Integrated 1.12). Hardening of images Tanzu Kubernetes Grid Integrated keeps OS images, container base images, and software library versions updated to remediate the CVEs reported by customers and in the industry. It also continues to use the latest Ubuntu Xenial Stemcell latest versions for node virtual machines. With recent releases and patch versions, the version of dockerd, containerd, runc, telegraf, nfs-utils had been bumped to the latest stable and secure versions as well. By using Harbor as a private registry management service, customers could also leverage the built-in vulnerability scan features to discover the application images CVEs. VMware is dedicated to supporting customers with production readiness by enhancing the user experience. Tanzu Kubernetes Grid Integrated Edition has stayed up to date with the Kubernetes community and provides customers with the support and resources they need to innovate rapidly.

Read More
Server Hypervisors

The Business Benefits of Embracing Virtualization on Virtual Machines

Article | May 18, 2023

Introduction With cloud computing on the path to becoming the mother of all transformations, particularly in IT's ways of development and operations, we are once again confronted with the problem of conversion errors, this time a hundredfold higher than previous moves to dispersed computing and the web. While the issue is evident, the remedies are not so obvious. Cloud complexity is the outcome of the fast acceleration of cloud migration and net-new innovation without consideration of the complexity this introduces in operations. Almost all businesses are already working in a multi-cloud or hybrid-cloud environment. According to an IDC report, 93% of enterprises utilize multiple clouds. The decision could have stemmed from a desire to save money and avoid vendor lock-in, increase resilience, or businesses might have found themselves with several clouds as a result of the compounding activities of different teams. When it comes to strategic technology choices, relatively few businesses begin by asking, "How can we secure and control our technology?" Must-Follow Methods for Multi-Cloud and Hybrid Cloud Success Data Analysis at Any Size, from Any Source: To proactively recognize, warn, and guide investigations, teams should be able to utilize all data throughout the cloud and on-premises. Insights in Real-Time: Considering the temporary nature of containerized operations and functions as a service, businesses cannot wait minutes to determine whether they are experiencing infrastructure difficulties. Only a scalable streaming architecture can ingest, analyze, and alert rapidly enough to discover and investigate problems before they have a major impact on consumers. Analytics That Enables Teams to Act: Because multi-cloud and hybrid-cloud strategies do not belong in a single team, businesses must be able to evaluate data inside and across teams in order to make decisions and take action swiftly. How Can VMware Help in Solving Multi-Cloud and Hybrid-Cloud Complexity? VMware made several announcements indicating a new strategy focused on modern applications. Their approach focuses on two VMware products: vSphere with Kubernetes and Tanzu. Since then, much has been said about VMware's modern app approach, and several products have launched. Let's focus on VMware Tanzu. VMware Tanzu Tanzu is a product that enables organizations to upgrade both their apps and the infrastructure that supports them. In the same way that VMware wants vRealize to be known for cloud management and automation, Tanzu wants to be known for modern business applications. Tanzu uses Kubernetes to build and manage modern applications. In Tanzu, there is just one development environment and one deployment process. VMware Tanzu is compatible with both private and public cloud infrastructures. Closing Lines The important point is that the Tanzu portfolio offers a great deal of flexibility in terms of where applications operate and how they are controlled. We observe an increase in demand for operating an application on any cloud, and how VMware Tanzu assists us in streamlining the multi-cloud operation for MLOps pipeline. Apart from multi-cloud operation, it is critical to monitor and alarm each component throughout the MLOps lifecycle, from Kubernetes pods and inference services to data and model performance.

Read More
Virtual Desktop Tools

Evaluating the Impact of Application Virtualization

Article | August 12, 2022

It is no surprise that e-commerce has grown dramatically in recent years. I don't want to be boring, but certainly the pandemic and a few other market factors have had a role. From ancient times, marketplaces of all shapes and sizes have served as the foundation for all types of business. As the world transforms and becomes more digital, the rise of digital marketplaces, e-commerce, and other types of online business is exploding. E-commerce marketplace platforms are rapidly expanding in the digital environment and are expected to acquire momentum as the future of e-commerce. This increase is because of the fact that online marketplaces combine user demand and provide customers with a broader selection of products. Digital Marketplaces Are the Way to the Future of E-Commerce Without a doubt, online marketplaces will dominate the e-commerce business in the coming years. According to Coresight Research, marketplace platform revenue will more than double, reaching around $40 billion in 2022. This means that by 2022, online marketplaces will account for 67% of worldwide e-Commerce revenues (Forrester). Today, the issue is not whether you sell online but how far you can reach. E-commerce offers limitless opportunities, and all you need to do is keep pace with the trends. What are you doing right now? How far can you go? Have you already made the transition from local to global? Digital marketplaces are indeed the way of the future of e-commerce. The earlier you realize this and integrate it into your sales and marketing approach, the better. I really mean it. The world is changing, and your competitors are not sleeping. You cannot overlook this trend if you really want to stay ahead. It's all about the people in business, as it has always been. Understanding who you're pitching to is critical to your success. You should be aware. Everything you do in business should get you closer to your target audience. Closing Lines: Digital marketplaces are indeed the future of commerce. People will inevitably start shopping online even more in the future. That implies methods and means will be developed to make such transactions easier for the common individual. Explore how your business might profit from these markets and trends that suggest the future of physical and online shopping.

Read More
Virtual Desktop Tools, Server Hypervisors

Virtual Machine Security Risks and Mitigation in Cloud Computing

Article | April 28, 2023

Analyzing risks and implementing advanced mitigation strategies: Safeguard critical data, fortify defenses, and stay ahead of emerging threats in the dynamic realm of virtual machines in cloud. Contents 1. Introduction 2. 10 Security Risks Associated with Virtual Machines in Cloud Computing 3. Best Practices to Avoid Security Compromise 4. Conclusion 1. Introduction Cloud computing has revolutionized the way businesses operate by providing flexible, scalable, and cost-effective infrastructure for running applications and services. Virtual machines (VMs) are a key component of cloud computing, allowing multiple virtual machines to run on a single physical machine. However, the use of virtual machines in cloud computing introduces new security risks that need to be addressed to ensure the confidentiality, integrity, and availability of data and services. Effective VM security in the cloud requires a comprehensive approach that involves cloud providers and users working together to identify and address potential virtual machine security threats. By implementing these best practices and maintaining a focus on security, cloud computing can provide a secure and reliable platform for businesses to run their applications and services. 2. 10 Security Risks Associated with Virtual Machines in Cloud Computing Denial of Service (DoS) attacks: These are attacks that aim to disrupt the availability of a VM or the entire cloud infrastructure by overwhelming the system with traffic or resource requests. Insecure APIs: Cloud providers often expose APIs that allow users to manage their VMs. If these APIs are not properly secured, attackers can exploit them to gain unauthorized access to VMs or manipulate their configurations. Data leakage: Virtual machines can store sensitive data such as customer information or intellectual property. If not secured, this data can be exposed to unauthorized access or leakage. Shared resources: VMs in cloud environments often share physical resources such as memory, CPU, and network interfaces. If these resources are not isolated, a compromised VM can potentially affect the security and performance of other VMs running on the same physical host. Lack of visibility: Virtual machines in cloud environments can be more difficult to monitor than physical machines. This can make it harder to detect security incidents or anomalous behavior. Insufficient logging and auditing: If cloud providers do not implement appropriate logging and auditing mechanisms, it can be difficult to determine the cause and scope of a security incident. VM escape: This is when an attacker gains access to the hypervisor layer and then escapes into the host operating system or other VMs running on the same physical host. Side-channel attacks: This is when an attacker exploits the physical characteristics of the hardware to gain unauthorized access to a VM. Examples of side-channel attacks include timing attacks, power analysis attacks, and electromagnetic attacks. Malware attacks: VMs can be infected with malware, just like physical machines. Malware can be used to steal data, launch attacks on other VMs or systems, or disrupt the functioning of the VM. Insider threats: Malicious insiders can exploit their access to VMs to steal data, modify configurations, or launch attacks. 3. Best Practices to Avoid Security Compromise To mitigate these risks, there are several virtual machine security guidelines that cloud service providers and users can follow: Keep software up-to-date: Regularly updating software and security patches for virtual machines is crucial in preventing known vulnerabilities from being exploited by hackers. Software updates fix bugs and security flaws that could allow unauthorized access, data breaches, or malware attacks. According to a study, 60% of data breaches are caused by vulnerabilities that were not patched or updated in a timely manner.(Source: Ponemon Institute) Use secure hypervisors: A hypervisor is a software layer that enables multiple virtual machines to run on a single physical server. Secure hypervisors are designed to prevent unauthorized access to virtual machines and protect them from potential security threats. When choosing a hypervisor, it is important to select one that has undergone rigorous testing and meets industry standards for security. In 2018, a group of researchers discovered a new type of attack called "Foreshadow" (also known as L1 Terminal Fault). The attack exploits vulnerabilities in Intel processors and can be used to steal sensitive data from virtual machines running on the same physical host. Secure hypervisors that have implemented hardware-based security features can provide protection against Foreshadow and similar attacks. (Source: Foreshadow) Implement strong access controls: Access control is the practice of restricting access to virtual machines to authorized users. Multi-factor authentication adds an extra layer of security by requiring users to provide more than one type of authentication method before accessing VMs. Strong access controls limit the risk of unauthorized access and can help prevent data breaches. According to a survey, organizations that implemented multi-factor authentication saw a 98% reduction in the risk of phishing-related account breaches. (Source: Duo Security) Monitor VMs for anomalous behavior: Monitoring virtual machines for unusual or unexpected behavior is an essential security practice. This includes monitoring network traffic, processes running on the VM, and other metrics that can help detect potential security incidents. By monitoring VMs, security teams can detect and respond to security threats before they can cause damage. A study found that 90% of organizations that implemented a virtualized environment experienced security benefits, such as improved visibility into security threats and faster incident response times. (Source: VMware) Use Encryption: Encryption is the process of encoding information in such a way that only authorized parties can access it. Encrypting data both in transit and at rest protects it from interception or theft by hackers. This can be achieved using industry-standard encryption protocols and technologies. According to a report by, the average cost of a data breach in 2020 was $3.86 million. The report also found that organizations that implemented encryption had a lower average cost of a data breach compared to those that did not (Source: IBM) Segregate VMs: Segregating virtual machines is the practice of keeping sensitive VMs separate from less sensitive ones. This reduces the risk of lateral movement, which is when a hacker gains access to one VM and uses it as a stepping stone to gain access to other VMs in the same environment. Segregating VMs helps to minimize the risk of data breaches and limit the potential impact of a security incident. A study found that organizations that implemented a virtualized environment without adequate segregation and access controls were more vulnerable to VM security breaches and data loss. (Source: Ponemon Institute) Regularly Back-up VMs: Regularly backing up virtual machines is a critical security practice that can help mitigate the impact of malware attacks, system failures, or other security incidents. Backups should be stored securely and tested regularly to ensure that they can be restored quickly in the event of a security incident. A survey conducted found that 42% of organizations experienced a data loss event in 2020 with the most common cause being accidental deletion by an employee (29%). (Source: Veeam) 4. Conclusion The complexity of cloud environments and the shared responsibility model for security require organizations to adopt a comprehensive security approach that spans multiple infrastructure layers, from the physical to the application layer. The future of virtual machine security concern in cloud computing will require continued innovation and adaptation to new threats and vulnerabilities. As a result, organizations must remain vigilant and proactive in their security efforts, leveraging the latest technologies and best practices to protect their virtual machines, the sensitive data and resources they contain.

Read More
MORE ARTICLES

Spotlight

Red Condor

Red Condor is revolutionizing spam fighting technology. Red Condor’s highly accurate Email DNA™ filter, hybrid architecture Vx Technology™, and fully managed appliances lead to a dramatic reduction in the cost of owning a premium spam filter. With solutions for small business, as well as solution providers with millions of email inboxes, Red Condor has a cost effective, time saving solution that is rapidly gaining market share. The system’s design has built-in zero tolerance for lost email, and a near zero false-positive rate while achieving long-term spam block rates greater than 99%. This next generation technology is backed by a 24x7 customer care center staffed by email security experts at Red Condor’s headquarters.

Related News

Virtualized Environments

VeriSilicon Unveils the New VC9800 IP for Next Generation Data Centers

Business Wire | January 09, 2024

VeriSilicon today unveiled its latest VC9800 series Video Processor Unit (VPU) IP with enhanced video processing performance to strengthen its presence in the data center applications. The newly launched series IP caters to the advanced requirements of next generation data centers including video transcoding servers, AI servers, virtual cloud desktops, and cloud gaming. The VC9800 series of VPU IP boasts high performance, high throughput, and server-level multi-stream encoding and decoding capabilities. It can handle up to 256 streams and support all mainstream video formats, including the new advanced format VVC. Through Rapid Look Ahead encoding, the VC9800 series IP improves video quality significantly with low memory footprint and encoding latency. With capable of supporting 8K encoding and decoding, it offers enhanced video post-processing and multi-channel encoding at various resolutions, thus achieves an efficient transcoding solution. The VC9800 series of VPU IP can seamlessly interface with Neural Network Processor (NPU) IP, enabling a complete AI-video pipeline. When combined with VeriSilicon’s Graphics Processor Unit (GPU) IP, the subsystem solution is able to deliver enhanced gaming experiences. In addition, the hardware virtualization, super resolution image enhancement, and AI-enabled encoding functions of this series IP also offer effective solutions for virtual cloud desktops. “VeriSilicon’s advanced video transcoding technology continues leading in Data Center domain. We are working closely with global leading customers to develop comprehensive video processing subsystem solutions to meet the requirements of the latest Data Centers,” said Wei-Jin Dai, Executive VP and GM of IP Division of VeriSilicon. “For AI computing, our video post-processing capabilities have been extended to smoothly interact with NPUs, ensuring OpenCV-level accuracy. We’ve also introduced super resolution technology to the video processing subsystem, elevating image quality and ultimately enhancing user experiences for cloud computing and smart display.” About VeriSilicon VeriSilicon is committed to providing customers with platform-based, all-around, one-stop custom silicon services and semiconductor IP licensing services leveraging its in-house semiconductor IP.

Read More

Backup and Disaster Recovery

Minimize the Cost and Downtime of Disaster With Scale Computing's Business Continuity/Disaster Recovery Planning Service

PR Newswire | October 25, 2023

Scale Computing, a market leader in edge computing, virtualization, and hyperconverged solutions, today announced its Business Continuity/Disaster Recovery (BCDR) Planning Service, designed to help organizations establish a comprehensive, regulated plan for responding to unforeseen downtime. The service provides Scale Computing customers and partners with the tools, guidance, and resources to create a playbook for data backup and recovery, enabling businesses to endure a disaster scenario with minimal loss. Scale Computing also recently announced that it is a finalist for the Business Continuity/Disaster Recovery Project of the Year in the 2023 SDC Awards for its work with Austrian managed service provider GiGaNet and its long-time partner the Zillertaler Gletscherbahn group. Voting for the SDC Awards is open at sdcawards.com/vote until November 10th, 2023. Data breaches are one of the biggest and most costly contributors to downtime for businesses. In 2023, the average cost of a data breach globally reached an all-time high of $4.45 million, a 15.3% increase from 2020. Simultaneously, the average length of business disruption following a ransomware attack in the United States reached 24 days last year, up 60% from just two years prior — a significant increase when downtime costs exceed $300,000 per hour for over 90% of mid-sized and large enterprises. For more than half of those businesses, the hourly outage costs range from $1 million to over $5 million. Recovery from an outage adds additional expense from which many enterprises are unable to bounce back. "Disaster can strike at any time, and every organization needs a consistently regulated playbook for how the business will respond — from action plans to recovery plans for bringing online the mission-critical servers businesses depend on," said Jeff Ready, CEO and co-founder, Scale Computing. "Knowing what systems need to be protected, planning for the ability to recover them, and having a full action plan for recovery should be at the forefront of every IT department's agenda, at the beginning of any infrastructure addition. With Scale Computing Platform, the plan for disaster recovery starts before equipment is even put into production, so IT leaders have a plan in place from day one that they can enact to ensure their business stays up and running, with minimal loss, should disaster strike. Our Business Continuity/Disaster Recovery Planning Service enables businesses to proactively classify systems based on their importance and implement a robust action plan, ensuring that our customers' and partners' critical systems are protected, validated, tested, and ready for recovery at any time." Whether a minor data loss or a business-wide shutdown, having a well-defined business continuity strategy is crucial to minimize financial impact, ensure continuous employee productivity, meet compliance and regulatory requirements, decrease liability obligations, reduce downtime, and minimize the risk of negative exposure. Scale Computing's BCDR Planning Service includes planning, deployment, documentation creation, and disaster recovery testing, covering every aspect to keep businesses prepared and resilient. The service is offered to Scale Computing Platform customers, which brings simplicity, high availability, and scalability together to replace existing infrastructure for running virtual machines with an easy-to-manage, fully integrated platform that allows organizations to run applications regardless of hardware requirements. About Scale Computing Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Using patented HyperCore™ technology, Scale Computing Platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime, even when local IT resources and staff are scarce. Edge Computing is the fastest-growing area of IT infrastructure, and industry analysts have named Scale Computing an outperformer and leader in the space, including being named the #1 edge computing vendor by CRN. Scale Computing's products are sold by thousands of value-added resellers, integrators, and service providers worldwide.

Read More

Server Virtualization, VMware

StorMagic Introduces Edge Control Software to Simplify SvSAN Monitoring and Management

Business Wire | October 18, 2023

StorMagic®, solving the world’s edge data problems, today announced the immediate availability of a new Software as a Service (SaaS) tool that allows users to easily monitor and manage all of their SvSAN clusters around the world. StorMagic Edge Control simplifies the process and tools required for day-to-day SvSAN cluster administration. SvSAN customers with multiple locations can significantly reduce the time spent managing their edge sites, whether they are using VMware, Microsoft or KVM hypervisors. “ESG research shows increasing demand for data storage at the edge which fuels an increased need for monitoring solutions that can help address the complexity of storage at the edge,” said Scott Sinclair, practice director at Enterprise Strategy Group. “SvSAN customers can greatly benefit by adding StorMagic Edge Control into their toolkits; the dashboard views and list formats will make centralized data management much easier and more accessible.” Edge Control delivers centralized administration for SvSAN environments of all sizes. Customers can now manage all SvSAN deployments in any location from a single pane of glass. Dashboard and system views provide a fast but comprehensive status of all of their virtual storage appliances (VSAs), allowing them to keep their environment up-to-date more easily and react faster as needed. “StorMagic customers of any size can now manage their entire SvSAN estate, whether it’s one site or thousands of sites around the world,” said Bruce Kornfeld, chief marketing and product officer, StorMagic. “Edge Control is particularly interesting for customers who are considering switching from VMware to Microsoft or Linux KVM because SvSAN and Edge Control are both hypervisor agnostic.” Pricing and Availability Edge Control version 1.0 is available today from StorMagic. SvSAN customers can download and begin using the software immediately, free of charge. About StorMagic StorMagic is solving the world’s edge data problems. We help organizations store, protect and use data at and from the edge. StorMagic’s solutions ensure data is always protected and available, no matter the type or location, to provide value anytime, anywhere. StorMagic’s storage and security products are flexible, robust, easy to use and cost-effective, without sacrificing enterprise-class features, for organizations with one to thousands of sites.

Read More

Virtualized Environments

VeriSilicon Unveils the New VC9800 IP for Next Generation Data Centers

Business Wire | January 09, 2024

VeriSilicon today unveiled its latest VC9800 series Video Processor Unit (VPU) IP with enhanced video processing performance to strengthen its presence in the data center applications. The newly launched series IP caters to the advanced requirements of next generation data centers including video transcoding servers, AI servers, virtual cloud desktops, and cloud gaming. The VC9800 series of VPU IP boasts high performance, high throughput, and server-level multi-stream encoding and decoding capabilities. It can handle up to 256 streams and support all mainstream video formats, including the new advanced format VVC. Through Rapid Look Ahead encoding, the VC9800 series IP improves video quality significantly with low memory footprint and encoding latency. With capable of supporting 8K encoding and decoding, it offers enhanced video post-processing and multi-channel encoding at various resolutions, thus achieves an efficient transcoding solution. The VC9800 series of VPU IP can seamlessly interface with Neural Network Processor (NPU) IP, enabling a complete AI-video pipeline. When combined with VeriSilicon’s Graphics Processor Unit (GPU) IP, the subsystem solution is able to deliver enhanced gaming experiences. In addition, the hardware virtualization, super resolution image enhancement, and AI-enabled encoding functions of this series IP also offer effective solutions for virtual cloud desktops. “VeriSilicon’s advanced video transcoding technology continues leading in Data Center domain. We are working closely with global leading customers to develop comprehensive video processing subsystem solutions to meet the requirements of the latest Data Centers,” said Wei-Jin Dai, Executive VP and GM of IP Division of VeriSilicon. “For AI computing, our video post-processing capabilities have been extended to smoothly interact with NPUs, ensuring OpenCV-level accuracy. We’ve also introduced super resolution technology to the video processing subsystem, elevating image quality and ultimately enhancing user experiences for cloud computing and smart display.” About VeriSilicon VeriSilicon is committed to providing customers with platform-based, all-around, one-stop custom silicon services and semiconductor IP licensing services leveraging its in-house semiconductor IP.

Read More

Backup and Disaster Recovery

Minimize the Cost and Downtime of Disaster With Scale Computing's Business Continuity/Disaster Recovery Planning Service

PR Newswire | October 25, 2023

Scale Computing, a market leader in edge computing, virtualization, and hyperconverged solutions, today announced its Business Continuity/Disaster Recovery (BCDR) Planning Service, designed to help organizations establish a comprehensive, regulated plan for responding to unforeseen downtime. The service provides Scale Computing customers and partners with the tools, guidance, and resources to create a playbook for data backup and recovery, enabling businesses to endure a disaster scenario with minimal loss. Scale Computing also recently announced that it is a finalist for the Business Continuity/Disaster Recovery Project of the Year in the 2023 SDC Awards for its work with Austrian managed service provider GiGaNet and its long-time partner the Zillertaler Gletscherbahn group. Voting for the SDC Awards is open at sdcawards.com/vote until November 10th, 2023. Data breaches are one of the biggest and most costly contributors to downtime for businesses. In 2023, the average cost of a data breach globally reached an all-time high of $4.45 million, a 15.3% increase from 2020. Simultaneously, the average length of business disruption following a ransomware attack in the United States reached 24 days last year, up 60% from just two years prior — a significant increase when downtime costs exceed $300,000 per hour for over 90% of mid-sized and large enterprises. For more than half of those businesses, the hourly outage costs range from $1 million to over $5 million. Recovery from an outage adds additional expense from which many enterprises are unable to bounce back. "Disaster can strike at any time, and every organization needs a consistently regulated playbook for how the business will respond — from action plans to recovery plans for bringing online the mission-critical servers businesses depend on," said Jeff Ready, CEO and co-founder, Scale Computing. "Knowing what systems need to be protected, planning for the ability to recover them, and having a full action plan for recovery should be at the forefront of every IT department's agenda, at the beginning of any infrastructure addition. With Scale Computing Platform, the plan for disaster recovery starts before equipment is even put into production, so IT leaders have a plan in place from day one that they can enact to ensure their business stays up and running, with minimal loss, should disaster strike. Our Business Continuity/Disaster Recovery Planning Service enables businesses to proactively classify systems based on their importance and implement a robust action plan, ensuring that our customers' and partners' critical systems are protected, validated, tested, and ready for recovery at any time." Whether a minor data loss or a business-wide shutdown, having a well-defined business continuity strategy is crucial to minimize financial impact, ensure continuous employee productivity, meet compliance and regulatory requirements, decrease liability obligations, reduce downtime, and minimize the risk of negative exposure. Scale Computing's BCDR Planning Service includes planning, deployment, documentation creation, and disaster recovery testing, covering every aspect to keep businesses prepared and resilient. The service is offered to Scale Computing Platform customers, which brings simplicity, high availability, and scalability together to replace existing infrastructure for running virtual machines with an easy-to-manage, fully integrated platform that allows organizations to run applications regardless of hardware requirements. About Scale Computing Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Using patented HyperCore™ technology, Scale Computing Platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime, even when local IT resources and staff are scarce. Edge Computing is the fastest-growing area of IT infrastructure, and industry analysts have named Scale Computing an outperformer and leader in the space, including being named the #1 edge computing vendor by CRN. Scale Computing's products are sold by thousands of value-added resellers, integrators, and service providers worldwide.

Read More

Server Virtualization, VMware

StorMagic Introduces Edge Control Software to Simplify SvSAN Monitoring and Management

Business Wire | October 18, 2023

StorMagic®, solving the world’s edge data problems, today announced the immediate availability of a new Software as a Service (SaaS) tool that allows users to easily monitor and manage all of their SvSAN clusters around the world. StorMagic Edge Control simplifies the process and tools required for day-to-day SvSAN cluster administration. SvSAN customers with multiple locations can significantly reduce the time spent managing their edge sites, whether they are using VMware, Microsoft or KVM hypervisors. “ESG research shows increasing demand for data storage at the edge which fuels an increased need for monitoring solutions that can help address the complexity of storage at the edge,” said Scott Sinclair, practice director at Enterprise Strategy Group. “SvSAN customers can greatly benefit by adding StorMagic Edge Control into their toolkits; the dashboard views and list formats will make centralized data management much easier and more accessible.” Edge Control delivers centralized administration for SvSAN environments of all sizes. Customers can now manage all SvSAN deployments in any location from a single pane of glass. Dashboard and system views provide a fast but comprehensive status of all of their virtual storage appliances (VSAs), allowing them to keep their environment up-to-date more easily and react faster as needed. “StorMagic customers of any size can now manage their entire SvSAN estate, whether it’s one site or thousands of sites around the world,” said Bruce Kornfeld, chief marketing and product officer, StorMagic. “Edge Control is particularly interesting for customers who are considering switching from VMware to Microsoft or Linux KVM because SvSAN and Edge Control are both hypervisor agnostic.” Pricing and Availability Edge Control version 1.0 is available today from StorMagic. SvSAN customers can download and begin using the software immediately, free of charge. About StorMagic StorMagic is solving the world’s edge data problems. We help organizations store, protect and use data at and from the edge. StorMagic’s solutions ensure data is always protected and available, no matter the type or location, to provide value anytime, anywhere. StorMagic’s storage and security products are flexible, robust, easy to use and cost-effective, without sacrificing enterprise-class features, for organizations with one to thousands of sites.

Read More

Events