Government agencies are realizing the savings and benefits of virtualization and for those who haven’t yet capitalized on the opportunities of implementing this technology solution, they may want to learn from their peers. The move towards virtualized environments is inevitable but there are existing best practices that can make the transition smoother.
Last week during the McAfee Public Sector Summit held in Arlington, Va., a group of senior IT leaders from the Securities Exchange Commission (SEC), Recovery Accountability and Transparency Board, Department of Homeland Security(DHS) United States Department of Agriculture (USDA) came together to discuss the evolution towards a virtualized enterprise.
Virtualization is a necessity said Dr. Michael Valivullah, CTO, NASS, USDA, which publishes 420 reports on time, all the time without errors to meet a 99.995 percent accuracy requirement. The large amounts of data they collect need to be stored, analyzed and, due to the confidential nature of the data, kept secure.
Keith Tripple, Executive Director for Enterprise System Development Office for Office of the CIO at Department of Homeland Security (DHS) added that virtualization is a great opportunity to “to clean the clutter.” His organization, which is only three-and-a-half years old, set up hundreds of servers and software in its first year since they didn’t have the virtualized technologies that are available today.
However, over the past six months, with new virtualization technologies available, Tripple went on a cleaning spree to get rid of all the clutter. “We shut it all down and saved on 30 terabytes of data in my office alone.” But he didn’t stop there. “Fifty-nine servers, or so, were shut off in the past couple of months and those are just in the development and test environments.” This means that even more savings can be realized as virtualized technologies are rolled out into the production environment.
The virtualized environment also requires a new approach to data security. Panelists weighed in on best practices and considerations to take into account when agencies make this move.
“It’s a learning curve and the fact that we are now sharing assets and services, it is now an entirely different paradigm” said Tripple. He went on to say that with a different model than the old they must “question what they are doing as the leadership team to help train our security folks to get ready for this new world.”
Tom Bayer, CIO of SEC, chimed in, “it is a different world working in a virtualized environment and I think it is important also when moving into the cloud to make sure you are replicating the existing environments. So if you have a highly available environment, make sure you are contracting in the cloud with two distinct data centers. ” He went on to say, “make sure you sweat the details like you did when it was in your own data center and make sure that it is separated geographically and they can measure up from a NIST security perspective. “
The SEC, according to Bayer, had to change the way they did business in order to successfully move to a virtualized environment during the past two years. For the SEC, this meant that changed the way they traditionally monitored applications. “What we did in order to improve our performance is move to automated metrics and those metrics allow us to understand when our systems are up and down and when we have issues. We also locked down our change control and configuration management before we initiated the move [to a virtualized environment].”
SEC has 95 percent of their servers virtualized at this time and, as Bayer reports, the improvements and efficiencies has made the migration worth it. “We’ve seen a reduction in our day-to-day issues and call center reports show a reduction of tickets from the end user. So we’ve seen an improved performance at a lower total cost of ownership.”