IT Business Edge's Arthur Cole spoke with Ken Ferderer, CTO of LineSider Technologies.

Cole: Enterprises were already having a tough enough time managing applications and data across virtual environments. What are some of the unique challenges they face as they head out onto the cloud?

Ferderer: The cloud provides significant advantages in terms of demand-driven access to just-in-time compute and storage resources, but also exposes many of the weaknesses inherent in the underlying infrastructure used to deliver those resources to enterprise end-users.

For instance, it is becoming apparent that in the initial stages of cloud adoption and deployment, many organizations are finding that the traditional static infrastructure severely impedes the benefits that could and should be realized by cloud-based delivery models. IT teams spend an enormous amount of operational time on creating and modifying network connectivity and security in cloud environments.

As well, the same application-access control and data security issues that encumber highly virtualized data center environments are even more intensified in the cloud as the resources are even more dynamic than traditional virtualized environments and, in the case of external clouds, exist outside of the enterprise security model. This places an enormous burden on enterprise network and security teams and existing infrastructure management tools that define and maintain access and security models to these highly fluid cloud-based resources. In many cases, the cost of operational support activities to maintain access and security to both internal and external cloud environments are a significant burden to IT budgets already stretched thin.

Cole: LineSider's OverDrive system is billed as a Network Services Virtualization Platform. What exactly does it do?

Ferderer: OverDrive addresses one of the biggest challenges facing large virtual computing deployments and cloud computing - the enormous amount of operational time spent on creating and modifying network connectivity and security.

OverDrive does three critical things. It virtualizes network infrastructure services that are normally running on switches, routers and firewalls into a comprehensive, holistic network model. Network services such as device configurations and changes are automated to respond to changes occurring to dynamic resources, such as users, applications, virtual compute, physical compute and storage.

It also allows business policies -- which define relationships between users, applications, network, storage, servers and virtual machines -- to be uniquely defined and dynamically executed across the network infrastructure. This allows virtual cloud resources to be extended to end users with full security and access control.

And finally, it delivers business policies that maintain access controls and security models across the network infrastructure, even as cloud resources are moved around the network infrastructure, such as when internal cloud resources are moved to external cloud providers.

Virtual machines by nature are created to be easily set up, moved, torn down and based on demand. However, the traditional network infrastructure is rigid and inflexible by design. Before OverDrive, the only way network infrastructure could be adjusted to support constantly changing VM requirements was by highly skilled technical engineers making changes to multiple devices, which takes days or weeks. Existing infrastructure and configuration management tools simply cannot scale with the amount and complexity of changes that need to be made in a virtual and cloud environment. With OverDrive, VMs can be brought online and full network access and security models connecting end-users to the VMs can be constructed across the network devices in a matter of seconds.

Cole: Most large organizations already have network- and resource-management systems in place. How does OverDrive integrate into existing management infrastructure?

Ferderer: OverDrive is not a technology built to replace existing management or process-control tools. Instead, OverDrive picks up where those existing configuration and network/element management tools fall short. Unlike these tools that rely on pre-defined configuration templates and tedious scripting to drive configuration changes device by device, OverDrive has been constructed to dynamically create and deploy device configurations based on business-level policies that define access and security requirements between network end points. These network end points can be an individual user or group of users and a network application or storage resource in the cloud. The OverDrive network services virtualization platform dynamically creates these device configurations without the need for pre-defined templates or scripting. More importantly, it constructs the entire end-to-end chain of services within its processing engine, working out all potential protocol conflicts and device incompatibilities prior to deploying any changes to a single network device.

OverDrive enables the network infrastructure to become fluid and responsive to dynamic virtual environments in a way that existing configuration management tools cannot scale. As OverDrive dynamically makes changes to the underlying network infrastructure, notifications can be sent to CMDB systems and higher-level process engines about the change so these tools can update their registries and databases. This level of automation, orchestration and control provides significant cost and time savings in terms of defining and deploying access and security models for cloud-based services that existing tools cannot match while ensuring that access and security models remain in effect even as virtual resources are moved around the network cloud or between internal and external cloud environments.