When discussing IBM Cloud for VMware Solutions with partners and customers, I repeatedly encounter three common misconceptions about the security of their workloads in IBM Bluemix’s dedicated private cloud infrastructure. I’d like to take a moment to clear up the myths surrounding VMware security in the cloud.
Myth #1: “My workload could be compromised by other workloads running on the same hardware.”
Occasionally, security vulnerabilities are reported against various hypervisors. While public cloud providers are quick to patch these vulnerabilities, it is fair to be concerned about the security of shared servers. But with IBM Bluemix bare metal infrastructure, your VMware workload runs on dedicated servers that are not shared with other customers, and you have full control of the hypervisor installed on the bare metal machine. You can rest assured that no other workload is sharing your server.
Myth #2: “My communications could be compromised by other workloads sharing the same network.”
While public clouds do not provide segregation of network traffic, the IBM Bluemix infrastructure dedicated private cloud provides dedicated network VLANs to segregate your network traffic from all other customers. You can rest assured that your network traffic is not visible to other workloads. For access to your VMware workload, several public and private connectivity options are available for you to connect to your intranet or even the Internet at your discretion.
Myth #3: “My data resides on shared storage infrastructure.”
Regulatory and industry standards may require you to prove the location of your data or to audit all access to it. This can be difficult in public clouds that use a shared storage infrastructure. By contrast, IBM Cloud’s VMware Cloud Foundation offering uses VMware vSAN technology in combination with local storage on your IBM Bluemix bare metal instances to provide highly available fault-tolerant dedicated storage. VMware vSAN virtualizes and mirrors the disks on the bare metal servers themselves to provide a virtual shared data store spanning the systems. Your data remains on your physical servers at all times.
IBM Bluemix for your VMware workloads
If you’ve despaired of using public cloud infrastructure due to VMware security concerns, why not take a second look at IBM Cloud for VMware Solutions on IBM Bluemix’s dedicated private cloud? I also encourage you to explore IBM Cloud Secure Virtualization, which combines Intel and HyTrust technologies to add workload encryption, access control and auditing, and geofencing capabilities to your VMware cloud.
If you want to know more about the security of VMware in the cloud, get in touch and we’ll explain how we ensure security and compliance for your workloads.
Watch this two-part on-demand webinar for an executive overview of hybrid cloud from Frost & Sullivan, and a look at best practices in hybrid cloud adoption from an IBMer focused on cloud architecture and solution engineering.
We are thrilled to announce the addition of China to the list of countries where Bluemix Dedicated is available. Effective June 17, 2016, a client in the greater China region can now choose between Beijing and Hong Kong to set up a Bluemix Dedicated environment for their most sensitive data and workload.
IBM Bluemix Container Service is based on Kubernetes and runs on top of IBM Bluemix Infrastructure; it automates the full end-to-end installation of Kubernetes through the Bluemix portal. This series of posts will explain what infrastructure components are involved, how to connect it to your existing workloads and data sources, and how to secure it. In this entry, we finish looking at the network details behind the communication between your container-based workloads in Kubernetes.