2. Improve security
As more data centers become virtualized, hackers are sure to take a closer look at hypervisors and try to identify vulnerabilities. Hypervisors have not yet become a central point of attack but in a recent interview Forrester Research analyst James Staten says he expects them to become a big target in the next year.
"As we've seen with other technologies, the point where they're almost ubiquitous in the market is when hackers go after them," Staten says.
VMware has stripped its hypervisor down to a 32MB software package with 200,000 lines of code, presenting a relatively small attack surface to hackers. The company also announced a program two years ago to open its hypervisor to security vendors with a set of APIs making it easier to protect virtual machines, but VMware has not moved fast enough on this front in the eyes of some observers.
Some vendors say the APIs present performance problems making them difficult to use, as Network World reported in December.
"We're not using the VMware APIs today due to performance," says Richard Park, senior product manager at SourceFire.
VMsafe has been adopted by vendors including Altor Networks, Reflex, IBM ISS and Trend Micro, so the SourceFire concerns are not universal. There are security problems beyond VMsafe, however.
In vSphere, VMware released what it calls vShield Zones that let customers create zones in which security policies are enforced even when virtual machines move from one server to another. But this software doesn't integrate with VMware's Distributed Resource Scheduler, a load balancing product, Wolf notes.
"VMware's load-balancing framework does not respect security zones created with vShield Zones, and its capacity management tool (CapacityIQ) does not account for zoning," Wolf writes in a recent report.
"The left hand has to know what the right hand is doing," Wolf says in an interview.
3. Win the desktop war
Desktop virtualization is in the plans of many big companies, opening up big revenue opportunities for VMware and its competitors. Citrix, a tight partner of Microsoft, is making a strong push into this market with XenDesktop, which aims to deliver high-definition desktops to nearly any type of device.
VMware should have a built-in advantage in pursuing desktop customers, because many of them are already using VMware's hypervisor. But many companies that use VMware's server technology have opted for Citrix on the desktop. In fact, many Citrix virtual desktop customers are using VMware ESX servers to host the desktops.
One of VMware's latest moves on the desktop front was to upgrade VMware View with the PC-over-IP protocol (PCoIP), a server-centric system designed to provide great-looking desktops even to users suffering from low bandwidth.
But Citrix delivers desktops in high definition with its HDX technology, and VMware is struggling to convince customers that its own PCoIP is a better alternative.
Lowe of Westminster College is planning a VMware View desktop deployment but is concerned about VMware's ability to deliver multimedia, including Flash applications. "They need to make sure the desktop experience closely mimics a physical desktop experience," Lowe says.
Balkansky says PCoIP is "a big step forward" but stops short of saying that it does the job as well as Citrix. In desktop virtualization, he says, "there is always this tendency to try to boil things down to a single feature and a single silver bullet, and the truth is that there is no single bullet or single feature that is make-or-break."
VMware still has work to do to integrate PCoIP with WAN accelerators like Riverbed's appliance, Wolf says, and give users more options for connecting to desktops. For example, some government users want the ability to connect to a desktop with just a Web browser, without having to install software on a local machine, but have run into roadblocks with VMware on that front, he says.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.