nobeastsofierce - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Can vCloud Director clamp down on a VMware vApp?

The self-service portal used by many cloud platforms could open businesses to potential security risks if files are uploaded before they have been screened and cleared by administrators.

Virtualization has changed the fundamental way computing resources are allocated and consumed across the data center. Software now plays a crucial role in defining servers, storage and networks, which have traditionally been static, hardware-centric systems.

As virtualization matures and blends into private cloud technology, the concept of a software-defined data center is taking hold. Tools such as VMware's vCloud Director (vCD) and vCloud Automation Center  -- now called vRealize Automation -- can provision and manage complete virtual data centers carved out of available physical resources. But vCloud tools require careful planning and consideration.

The foundation of any cloud environment focuses on flexibility, scalability and self-service. As a result, it is a common practice for users to upload files to the private cloud such as media files or a virtual appliance such as a VMware vApp. However, any user uploads carry the risk of security flaws, including a Trojan horse, virus or other malware. Tools like vCD can quarantine uploads until the files are checked and vetted. When using the quarantine function, a third-party tool, such as a virus scanner, can be used to check the files before vCD makes them available.

Quarantine is enabled through the General option of the Administration tab in vCD. Remember to include a timeout value to define the duration of the quarantine; if the file is not vetted by the expiration, then it will be deleted. Once you apply any changes, uploaded files will not be available until vCD accepts them. If accepted, the file will be made available for use. If not, the file will be deleted.

At this point, the vCD administrator will need to implement some means of handling quarantine service messages -- either manually or automatically. Two popular options include using Java's JConsole through the Java Message Service or another client that supports the streaming text-oriented message protocol.

Dig Deeper on Using VMware cloud computing tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.