An inflexion point has been reached now that the number of virtual servers being shipped is outstripping the number of physical machines, says Tony Dennis. He examines the implications for financial institutions as virtualisation becomes standard operating procedure, and asks if it means the traditional perceived problems, such as knowledgeable staff shortages, and a lack of vendor support and security are now a thing of the past? As it becomes commoditised prices may also fall

For a number of years now, server virtualisation has been a key element in many banks and insurance companies' strategies to get more efficiency out of their data centres and IT infrastructures. Independent research carried out by KRC last year on behalf of Microsoft, for its Virtualisation in Banking Survey, showed that the majority (58 per cent) of large tier-one banks surveyed in the US and UK, have already implemented virtualisation across multiple aspects of their IT infrastructures.

Nevertheless, there is a pressing need to ensure a comprehensive management console for typically complex virtualised environments, and people are still learning how to get the best out of it and ensure a totally secure environment. Yet the uptake trend towards virtualisation continues because the traditional problems are receding as the technology becomes more common and best practice is slowly established, plus anyway the benefits far outweigh any possible implementation issues. The question now is what is the best way to introduce it?

A study from IDC Research entitled Western Europe Server Virtualisation Forecast & Analysis 2007-2013, shows its popularity by illustrating that for the first time ever last year, the number of virtual machine (VM) shipments exceeded the number of physical servers sent out; topping two million units. IDC also said that the drop in hardware spending caused by the recession has led to a break point in 2009 with VM shipments expected to be more than 10 per cent higher than physical server shipments. It predicts that by 2013, the ratio between virtual and physical server shipments will be 3:2.

"Alongside the well-known and well-publicised benefits, virtualisation presents potential implementation challenges to IT administrators that need to be mastered," says Giorgio Nebuloni, a research analyst with IDC European Systems. "Being so quick and relatively straightforward, the deployment of virtual machines can generate sprawling environments, where IT managers lose visibility of the amount of VMs and on their actual utilisation."

Management
Effective management is the key to remain in control of your data centre. "Virtualisation has delivered generous benefits to its users, but compared to its physical counterpart, it introduces a new dynamic that if not managed properly, can open up Pandora's Box," says Stephen Beaver, a virtualisation 'evangelist' with software vendor, Tripwire. "The speed and scale for which virtualisation is renowned is generating a new level of complexity and impacting configuration management more than ever. The ability to take things down and put them back up and move them around makes for an extremely dynamic environment. Knowing the relationship between the various components in an IT infrastructure is now paramount though," he adds. "Provisioning, dependency mapping, patching and auditing are all required in this new virtual world."

The catch is that management infrastructure for virtualisation just isn't as mature as that in the physical world. As an example, Beaver cites a financial firm with several VMs on a single piece of hardware that were interfacing to a storage system. Alerts from the storage equipment that the device was about to fail were being stored in a log, but the administrator didn't know the log existed. Hence the entire infrastructure failed after 30 days. The solution, Beaver believes, is that IT professionals should select management tools that can aggregate information and consolidate management tasks. This will enable professional staff to make both automated and intelligent decisions.

Standards, examples and competition
Financial institutions' worries about being too reliant on one single supplier - and paying too high a price for the technology - are now diminishing. The dominant position of VMware, which historically has been the chief innovator and the biggest vendor, is now waning as other vendors, such as IBM, Microsoft with Hyper-V and Citrix/Xen, increasingly target the market.

"For some time now clients have looked to virtualisation to deliver improved cost performance via increased virtualisation and better use of existing assets," says Graham Murray, a business executive with IBM Financial Services. "Innovative clients have moved further towards platform virtualisation though, to move beyond the basic benefits to a V+1 environment in which platform optimisation is now the key consideration. This allows clients to move towards the most cost effective platform, typically on Linux. Indeed virtualisation with Linux on Series z servers has taken off as clients, such as Bank of New Zealand and Allianz Australia, have successfully migrated non-core apps on to their Series z platform."

One company that hasn't specified the usual vendor suspects though is BlueCrest Capital Management. The company's IT team reviewed a number of server virtualisation products and management tools before installing the technology, including those from VMware and Citrix. However, it eventually decided to adopt Parallels' Virtuozzo Containers instead. As Andrew Roberts, co-head of IT at BlueCrest, explains: "What it essentially came down to was cost, performance and manageability. The other solutions would no doubt help us with server consolidation but when we looked at the additional numbers around management, we just weren't confident about the Total Cost of Ownership (TCO).

BlueCrest identified virtualisation as a cost effective approach to consolidating existing HP Proliant servers. This enabled it to free up space for installing new hardware. The technology also needed to both seamlessly integrate with the existing IT infrastructure and be easy to operate by BlueCrest's team of administrators who have a broad range of skills and responsibilities. Most notably, it is now being used regularly for User Acceptance Testing (UAT) of its market aggregation applications, disaster recovery, as well as hosting the standard back office apps.

There's a perceived lack of standards with the technology but vendors like Citrix are attempting to tackle this. Sotiris Kousouris, a senior IT manager at Piraeus Bank, who've worked with the vendor, reveals that: "We have used Citrix XenApp for six years to virtualise our applications. Implementing XenServer for our server virtualisation needs completes the final piece of the puzzle for us." According to Kousouris Citrix's commitment to open source technology and a standardised approach, mainly via its Xen.org open community, is encouraging.

Security, management and data recovery
Security and the ability of existing IT staff to cope with virtualisation are the two remaining 'traditional' problem areas with virtualisation still to be examined. Virtualisation environments share many of the same security challenges faced by physical server environments though so ensuring a safe platform shouldn't be too difficult, argues Simon Young, general manager for server security, at Trend Micro. "One challenge is the inability of appliance-based security to deal with attacks between virtual machines (VMs) on the same server, highlighting the need for mechanisms to be deployed directly on the server to protect these environments," he admits, but generally it should be fairly straightforward, stressing the proviso that: "A requirement has emerged for an approach to virtualisation security that allows protection to occur as close as possible to the asset itself."

Martin Niemer, group manager, EMEA, VMware, agrees that virtualisation has the same security challenges as physical. "It doesn't add security concerns, nor does it improve security," he states. "There are no real new challenges, rather the same old problems." Niemer points to the fact that VMware has achieved Common Criteria Evaluation Assurance Level 4 as proof of his company's commitment to security. "I think that achieving that [Level 4] is extremely impressive."

Niemer's approach to managing the virtual environment is similarly confident. "We're dealing with the same IT personnel so there's a requirement to give them the same tools. The ability for management tools to work within heterogeneous environments, such as VMware and Citrix, and also patch into IBM Tivloi and HP Open View, is crucial. Otherwise new virtualisation management tools will simply increase complexity and expense, which is counter-productive."

This approach contrasts with advice given by Forrester Consulting in research commissioned by Tripwire entitled Removing Barriers To Better Server Virtualisation Efficiency. The study says that it can be impractical to train all administrators on server virtualisation - in larger IT shops, there are simply too many people. Even so, large numbers of administrators are being trained but Forrester believes that more virtualisation-aware management tools and processes are necessary before firms can fully virtualise their production servers and reach the lowest possible cost per VM.

Ernesto Lobo, a recovery engineer with Kroll Ontrack, says he's spotted a ten-fold increase in the number of data recovery requests in virtual environments over the last twelve months. This is as a result of both the widespread adoption of virtual technology across all types of business [not just the financial sector], as well as the unique data management challenges posed by virtual environments, he says. "We're seeing firms use virtualisation to store data from multiple servers on a single storage device, effectively placing all their eggs in one basket. The volume of data at risk from a single failure is therefore much greater, making data loss potentially more catastrophic in a virtual environment. In some cases physical servers are still the suitable option and physical and virtual consolidation should be done sensibly." he adds. "The data itself is not any more vulnerable in virtual environments, so firms shouldn't be dissuaded from using the technology [just use it appropriately]."

The big question is what happens next? What future uses will a fully virtualised data centre be put to? According to Stevan Vidich, a technologist with Microsoft Financial Services: "As virtual machines become truly portable entities, and more organisations look to outsourcing, we will see new challenges around security, data protection and compliance. It will be easy to drop your customer-facing application virtual servers into a Cloud, federated or otherwise, but ensuring control will be another matter."


Case study: Royal London Asset Management
RLAM has embarked on a virtualisation project using VMware ESX software working with Kelway, a specialist IT reseller. The objective is to reduce the total number of physical servers down from 35 to eight. This is expected to deliver cost savings of £75,000 over five years from power reduction, with a Return on Investment (ROI) within three years.

"By working with Kelway to virtualise our servers, we will produce an environment that is fully flexible and future-proofed," argues Dennis Leeks, IT manager with RLAM. "We intend to reduce the number of physical servers by almost three quarters, which will provide us with room to grow and support future business developments."

The business has 180 end users plus two server rooms. However, the site has limited space and would eventually have run out of capacity for additional servers. Previously, procuring a new server took four to six weeks, but now a new server can be up and running in an hour.

"The flexibility of procuring a new server in an hour means we can be much more agile as a department and support the rest of the business in a more responsive way," he concludes.

Share Story: