Do we need it?
I tried to think of reasons why I might want to use virtualization. The obvious benefits involve cost savings, since virtualization can maximize the utilization of systems and ease systems administration. For example, the approach that IBM is promoting would give administrators centralized control of desktop PCs. Applications would be delivered via Citrix from blade servers virtualized with VMware. In the case of my agency, though, this sort of effort to move computing power off the desktop seems like a waste, since we have a significant investment in desktop systems.
IBM is promoting this vision with a television commercial in which a systems administrator faints dead away because he is overwhelmed trying to manage a huge server farm. The solution, according to the ad, is to buy IBM blade servers. But how many blades would you need to support several thousand virtual machines? The idea is to save big bucks by trading in your server support personnel costs for sophisticated hardware. But that hardware will cost you big bucks as well, and you still need support personnel.
Of course, my real concerns are security issues. One consideration is that you can run an untrusted application in an isolated sandbox or "jail." That sounds like a good thing to do, but unfortunately, I just can't readily think of an application we should apply that to. And when I think of disaster recovery, virtualization looks like a loser. When you're running several applications on a single server, you lose several applications when that server goes down. I'd rather run more servers, each one housing its own critical business application, so that when a server fails, I have to restore just one application, not five or six. I've already got the servers, and if I have any money to spend, I'd rather invest it in improved server management tools.
We've invested in Microsoft Windows 2003 servers on Dell hardware, with Windows XP on the desktop. We manage the environment with Active Directory, among other tools. Our network and security monitoring tools are stand-alone applications running on Linux.