Blog Entry

Mar 14
2012 

Virtualization and a (New) Conflict of Interests

The ongoing debate around virtualization shows no signs of getting old. Virtualization has always created a ‘conflict of interests’ between those who worry about the technology (the software vendors) and those who enjoy the benefits it offers (the end customers of the aforementioned vendors).

There was a temporary sigh of relief in the world of automated license enforcement when new methods and techniques became available to bind software licenses in a more secure and reliable manner to a virtual machine . Almost overnight, all the concerns and fears of license duplication and misuse (albeit accidental or intentional) went away. The ultimate goal of eliminating the requirements for ISV’s to make a ‘VM/no VM’ decision at the time of deploying or activating their software was finally achieved. End customers could deploy applications where they liked, the vendors no longer had to care, and the world was a happy place.

Or so it seemed….

It wasn’t long before a new kid in town appeared – mobility. Virtualization offers a lot of pretty neat things that have been discussed in depth in the past, but one of the most significant aspects is mobility. The disconnection or abstraction of a system from its underlying hardware is taken to a new level with centrally managed infrastructures such as those offered by VMWare’s ESX/ESXi, as well as Microsoft and Citrix to name-drop others. This has introduced concepts such as live migration where VM’s are allowed to float around an infrastructure with no apparent dependency on any specific hardware. Of course, the true technicalities are not quite so simple, but it still makes a great example of where you can take things when you are in the realms of hardware abstraction.

But all of a sudden, we are faced with a new problem. To prevent a license from being misused, you need to tie it down to hardware. But, if you tie a VM to its underlying hardware then you are preventing it from migrating to new hardware.  So software vendors are back to making a choice once again. They can opt for higher security but take away a big piece of the deployment agility that their customers enjoy. Or, they have to reduce their own security expectations to support their customers’ needs.

Now, admittedly, I may well be somewhat over exaggerating the gravity of the situation.  After all, a forfeit with security in order to maintain end customer convenience is perfectly acceptable to many software vendors out there, and of course not everyone has a need for live migration in their deployment scenarios anyway. And also for many situations there are adequate solutions when incorporating floating/concurrent licenses – the ultimate and original example of disconnecting the application’s hardware from the license fingerprint.

But that doesn’t take away the simple fact that there is a new problem to worry about. Now, the debate is around creating security whilst maintaining mobility, and doing so in a way which is both convenient and unbiased. It’s the new challenge, the new Holy Grail. Like all those before it, it will get solved. Share how your organization is managing software deployments in agile virtual environments now!

I wonder what the next one after it will be…..