You know a company or technology has hit the big time when it has a "world" named after it. Just as Apple has MacWorld and penguin fans have Linux World, we now have VMWorld, hosted by VMWare, the storage virtualization firm that just executed the biggest tech IPO since Google. Investors have been pouring money into virtualization startups, all of which are developing products to help big IT organizations get more out of their hardware, systems and applications. The first virtualization market to explode is the one where VMWare plays --boosting the capacity of data-center servers. But that's just the start, and the number of companies presenting at the conference and range of their technologies begs the question -- is there anything that can't be virtualized?
Some Silicon Valley investors think the answer is "no," and that big companies will move in the direction of utility computing -- where everything from operating systems to applications to data will be hosted somewhere else and accessed only when needed. With most data servers operating at less than 20% capacity, "resources need to be allocated more efficiently, and that's why all the trends are pointing to utility computing," says Mark Leslie, an early investor in VMWare and, before that, a founder of Veritas Software. But to get to this "nirvana," as Leslie calls it, "you have to solve all kinds of problems first." One of those is the bottleneck lodged in all the interconnects between servers, storage gear and networking equipment, according to Leslie, who along with the venture firm Kleiner Perkins has invested in Xsigo Systems, whose virtualization software is targeting the problem.
Virtualization is bigger than data center power savings. It's a technology that does for the data center what the early desktop operating systems did for personal computing. Think "point and click" servers and applications created, saved, moved, reverted in seconds. Instead of racks filled with various network hardware appliances think racks of blade servers populated with software that replaces dedicated hardware. Instead of massive intrusion detection boxes protecting "pipes" think thin layers of software protecting individual blades in vast processing fabrics.
Virtualization signals massive change for the network hardware/appliance business, especially solutions requiring customized, dedicated hardware. It means levels of change/mobility beyond what any major netsec (network security) appliance is capable of comprehending.
Pacific Crest has forecasted a $1-$2 billion virtsec industry in 3-4 years. At that rate it will eclipse the established, mature network intrusion protection hardware market before key vendors can again invent even faster custom chips to keep up with mutating exploits.
Virtualization will convert network pipes to virtual traffic flow fabrics faster than the netsec players can re-architect; and I predict many will make major fluff announcements by next year (2008) in a vain effort to stem the tide with their largest customers. But it will be too little, too late.
For starters, much network security gear is very high maintenance and suffers from accuracy and latency (traffic impedance) issues. When data centers become blade fabrics the high maintenance world of pipes will become the unbearable maintenance world of netsec. Netsec hardware will have to be re-architected to protect blade fabrics, not an easy task for devices designed to inspect all traffic for all possible exploits and perform low layer pattern matching (Where's Waldo).
Virtualization will turn the world of network security on its head and foster a new generation of players and capabilities. Its about time.