CA Community






This Blog
Syndication
Blogroll

July 2010 - Posts

Is Resource Utilization Still a Reliable Indicator of Performance?

Published: July 26 2010, 01:27 PM | no comments
by Lakshmi Pedda

As application owners and their business constituents lose direct control of the physical resources that support their applications, they will in turn demand that the IT organization be able to prove that the shared infrastructure is not at fault for performance issues. For example, the owner of a business-critical, revenue-generating application will insist that the virtualized infrastructure is at fault when the application performance management system reports response time issues. To meet these demands for performance assurance, and to maintain support for further virtualization projects, IT must have tools that accurately measure how the performance of the virtual infrastructure is impacting each application.

The hypervisor vendors basically collect resource utilization data, such as CPU, memory, network, and disk utilization, and use this data to try to infer the performance of the virtualized environment – an approach that is fundamentally flawed. Collecting resource utilization statistics to create patterns of normal and abnormal usage are no longer effective.

Infrastructure response time (IRT) is a term coined by Bernd Harzog, a leading analyst tracking the virtualization market. IRT is a superset of resource and availability management. When optimized for a virtualized environment, solutions in this category collect vCenter data, but build on this data by collecting unique data of their own, which allows them to provide a response time-based perspective on infrastructure performance. This perspective takes the end-user experience interacting with the application into account, an approach that offers a vast improvement over the resource-based view of performance.

IRT is defined in Bernd’s white paper, “Infrastructure Performance Management for Virtualized Systems”, as the time it takes for any workload (application) to place a request for work on the virtual environment and for the virtual environment to complete the request. The request could be as simple as a bi-directional exchange of data between two guest VMs on one host over the vSwitch. Or the request could comprise multiple hops among various VMs on multiple hosts and then include a database transaction, which ultimately requires a write to a storage array and a confirmation back to the original requesting component of the application. Each separate portion of the request and the associated responses must be timed so that the actual experience of the end-user who initiated the request can be evaluated.

Deploying a virtualization performance management solution built around a broad and deep understanding of individual application infrastructure response time represents the most credible approach to virtualizing the production environment. CA Technologies offers this to customers in CA Virtual Assurance
Share this post:  
Tags: , , ,
Leave a comment

 

By: Lakshmi Pedda
Lakshmi is a senior principal product marketing manager, responsible for product marketing of the ‘CA Virtual’ portfolio – a key pillar of CA Technologies strategy. She is well versed in all aspects of marketing including evangelistic role for server virtualization, go-to-market plans, program execution...
Read More..

Virtual Entitlements (VE) Sprawl

Published: July 21 2010, 07:31 AM | no comments
by Birendra Gosai

The late 1990's and early 2000's saw a proliferation of applications within the enterprise. This was not only limited to applications from vendors like SAP, Oracle, JD Edwards, PeopleSoft, etc., but also included JAVA and .NET-based custom applications. Around the same time, regulations such as HIPAA, PCI, and Sarbanes-Oxley were introducing various certification and compliance mandates on organizations. The large number of entitlements introduced by ERP, CRM, financial, legacy, and custom applications, coupled with the regulatory mandates, created a pressing need for comprehensive management of application entitlements within IT organizations.

Companies like Virsa Systems (acquired by SAP in 2006 for more than $400 million), Vaau (acquired by Sun), Eurekify (acquired by CA Technologies), Aveksa, and SailPoint, took the initiative to meet these entitlement management needs. They help customers manage application entitlements, ease certification/audit requirements, and enforce fine-grained access controls by providing role-based access control (RBAC), role modeling and role administration capabilities.

IT organizations will soon face challenges managing infrastructure entitlements in the virtual environment, similar to those faced with the management of application entitlements. With the advent of virtualization, a large number of new entitlements are being introduced into the data center. Management applications such as VMware vCenter, Microsoft SCVMM and XenServer Essentials, provide their own set of roles and entitlements for ESX/ESXi, Hyper-V and XenServer administration, respectively. The ability to couple/decouple the management of virtual machines to/from the management applications, access requirements by third-party applications, and the dynamic nature of end-user console access requirements, will exaggerate the problem of managing entitlements within the virtual environment. IT organizations that try to manage infrastructure entitlements in silos will face problems similar to those encountered with the management and certification of application entitlements.

Virtualization management products, such as those in the CA Virtual portfolio, provision, configure, assure, secure and optimize heterogeneous virtual environments. Comprehensive role modeling and analytics capabilities, coupled with virtualization management technologies, can provide a strong foundation to expand RBAC for the comprehensive management of entitlements across heterogeneous virtual environments - thus helping contain Virtual Entitlements Sprawl (‘VE Sprawl').

Share this post:  
Tags: , , ,
Leave a comment

 

By: Birendra Gosai
Birendra Gosai has a Masters degree in Computer Science and over ten years of experience in the enterprise software industry. He has worked extensively on data warehousing, network & systems management, and security management technologies. He currently works in the virtualization management business...
Read More..

Privileged User Management in the Virtual Environment

Published: July 20 2010, 11:42 AM | 1 Comment(s)
by Birendra Gosai

Server virtualization promotes flexible utilization of IT resources, reduced capital costs, high energy efficiency, highly-available applications, and improved business continuity.  However, virtualization brings along with it a unique set of challenges around management and security of the virtual infrastructure, especially privileged user management. Privileged users enjoy much more leverage in the virtual environment as they have access to all the virtual machines running on a host - hence tight control of privileged user entitlements is essential. Comprehensive capabilities to secure the virtual environment are necessary for organizations to prevent virtual stall, expand virtualization enterprise-wide, and reap the benefits promised by this emerging technology.

Virtualization technology adopts many concepts from the mainframe world. With product offerings like CA ACF2, CA Top Secret and CA Access Control, CA Technologies has a long history in providing comprehensive security for the mainframe and distributed environments. To meet the needs of its customers, CA Technologies now introduces CA Virtual Privilege Manager - a scalable and extensible product that secures access to the virtual environment, and sets the foundation for a comprehensive Access Control suite.

CA Virtual Privilege Manager secures privileged user access to virtual machines, hypervisor service consoles, and virtual appliances - helping organizations control privileged user actions, secure access to the virtual environment, and comply with industry mandates.  It delivers key capabilities to manage privileged user passwords, harden the hypervisor service console, and monitor user activity. CA Virtual Privilege Manager also provides a centralized foundation for privileged user management that serves as a single pane of glass to secure privileged user access across virtual and physical environments.

CA Virtual Privilege Manager is the only product that, in addition to securing virtual environments, provides heterogeneous platform support, a centralized foundation for privileged user management, and on-ramp to an enterprise-wide solution that spans beyond the virtual environment and includes support for applications, databases, and infrastructure components in the physical environment.

Click here for our latest press release on the CA Virtual portfolio.

Share this post:  
Tags: , ,
Leave a comment

 

By: Birendra Gosai
Birendra Gosai has a Masters degree in Computer Science and over ten years of experience in the enterprise software industry. He has worked extensively on data warehousing, network & systems management, and security management technologies. He currently works in the virtualization management business...
Read More..

Building a Private Cloud with Cisco UCS & CA Service Automation

Published: July 16 2010, 11:35 AM | no comments
by Brandon Whichard

I took an informal poll while attending Cisco Live in Las Vegas. The question was simple: "Do business users try to go around corporate IT for service?" An overwhelming majority of the respondents answered yes. There is little doubt many of these business users are searching for the flexibility promised by public cloud vendors.

Of course, everyone wants more flexibility and faster time to market but the public cloud is not the only way to achieve this. In fact, analysts have been predicting that most organizations will adopt a hybrid strategy using both public and private clouds. The simplest way for internal IT to prevent the "end run" by business users is to offer better service at a lower cost.  One of the best ways to accomplish this is deploying an internal private cloud.

Until recently, building a private cloud was complicated and costly but new technologies have greatly simplified the process. A successful private cloud always starts with a resource pool where capacity can be dynamically added, removed and reconfigured as requirements change. Cisco Unified Computing System (UCS) offers all of these capabilities in one elegant platform. UCS service profiles make it simple via a one-step process to provision all the necessary computing resources (network, software & storage) needed for configuring a server. These capabilities make UCS the ideal platform for a private cloud resource pool.

Of course, deploying a private cloud requires more than just a resource pool. You also need a self-service portal that makes the private cloud accessible to end users and reporting to track utilization. At CA Technologies, we have collaborated with Cisco to ensure CA Spectrum Automation Manager, a core component of our Service Automation portfolio, delivers these capabilities.

As you set out to deploy your internal private cloud, remember you'll need three core components to be successful: a resource pool, self-service portal and utilization reporting.  As you evaluate partners and vendors make sure they offer a complete and cost effective way to build a private cloud.

The next time business users tell you they're using the public cloud make sure to show them how the private cloud offers the same benefits at a discount. After all the best way to win the hearts and minds of business users is to save them money!

Share this post:  
Tags: , , , , ,
Leave a comment

 

By: Brandon Whichard
Brandon Whichard is part of the product marketing team working in CA's Virtualization and Service Automation Business Unit. He is responsible for promoting and evangelizing CA’s Data Center Automation solutions. Prior to joining CA Technologies, Brandon held a variety of product management and marketing...
Read More..

Dynamicism, Virtual Environments and the CA Technologies Approach

Published: July 01 2010, 04:53 PM | no comments
by Andrea Westerinen

"Dynamicism is a word that's hard to say three times fast, yet probably describes quite well where data centers architectures are headed. As in, the proliferation of virtual processor instances and of network sprawl is creating a confusing situation with lots of IT bodies in motion." ... So begins a recent article in InformationWeek, an interview with Don Ferguson ("Server Den: CA Seeks IT Automation Sweet Spot").  The virtual world is indeed dynamic, requiring innovative tools and approaches.  Don, CTO of CA Technologies, talks about three key concepts that are driving our company in the design of answers - integration, "informed optimization" and aligning IT with business.  Part of the CA Technologies solution is the Unified Service Model and CA Catalyst.

I talked about USM and CA Catalyst in previous posts on aligning business and IT, and on automating and aligning business processes.  I won't repeat the details, but want to take this opportunity to ask for your input and feedback on the work.  The Unified Service Model is explained (and the complete schema provided) on the CA-USM-Catalyst global user community.  Additional information is being prepared on our REST-ful APIs to access the Catalyst store, information on writing Catalyst "connectors", and much more.

How does this all tie together?  In the InformationWeek article, Don highlights that ... "We have a major focus on a concept called Insight. We will look at your environment in all of its complexity and we will surface it to you in an intuitive model. So, for example, if you've got a very complex, interconnected environment, we will enable you to see how transactions flow through them."  Insight is dependent on understanding our customers' and partners' environments, problems and management requirements.  The CA-USM-Catalyst global community exists as a way to provide this information and ask questions.  We may not have all the answers right away, but asking the questions helps us to get there.

I encourage anyone interested in these topics to join the CA-USM-Catalyst community.  If you don't want to read the documents, that is fine (although I would encourage you to read the USM Schema Overview in the document library).  Just start by asking questions, outlining requirements and beginning a dialog.

Share this post:  
Tags: , , , ,
Leave a comment

 

By: Andrea Westerinen
Andrea Westerinen is Vice President of Software Engineering, and an evangelist for semantic technologies, working in CA’s Office of the CTO. She is responsible for the development and oversight of CA’s Unified Service Model (USM), and for the design of innovative infrastructure to better align business...
Read More..

More Posts