IBM cloud patching system highlights virtualization research

IBM's research division is working on several virtualization projects that could boost security of cloud computing networks, reduce data center power costs, and improve the ability to run multiple hypervisors and operating systems, including Linux and Windows.

IBM's research division is working on several virtualization projects that could boost security of cloud computing networks, reduce data center power costs, and improve the ability to run multiple hypervisors and operating systems, including Linux and Windows.

IBM and North Carolina State University this week announced a new "cloud computing patch tool" that updates virtual machines even when they are offline, boosting the efficiency of applying security updates to cloud networks. The tool is four times faster than current patch application systems, the organizations said.

FAQ: Cloud computing, demystified

"Current patching systems are designed for computers that are online and they don't work for dormant computers or virtual machines," Peng Ning, professor of computer science at N.C. State, said in a press release. "The tool we developed automatically analyzes the 'script' that dictates how a security patch is installed, and then automatically re-writes the script to make it compatible with an offline system."

Ning and colleagues from N.C. State and IBM describe the research in a report that is titled "Always Up-to-date – Scalable Offline Patching of VM Images in a Compute Cloud," and which will be presented at next week's Annual Computer Security Applications Conference in Austin, Texas.

The paper was first published in March, and IBM and N.C. State have tested the system on IBM's Research Compute Cloud, which provides services to IBM researchers.

Because many of the virtual machines in cloud networks are used infrequently, patches are not always applied in a timely manner, IBM said. "This leaves the VMs vulnerable to cyber-attacks when they are brought back online. The VMs are particularly vulnerable if they have been left dormant for months, and missed significant patches," IBM said.

The cloud patching system is just one of several virtualization research projects underway at IBM, which first started using virtualizaton on its own mainframe systems decades ago.

An IBM research paper published last month titled "VMFlow: Leveraging VM Mobility to Reduce Network Power Costs in Data Centers," describes a framework for placing and moving virtual machines "that takes into account both the network topology as well as network traffic demands," in a bid to reduce power use.

"Our simulation uses real data center traces and the results demonstrate that, by applying an intelligent VM placement heuristic, VMFlow can achieve 15 per cent to 20 per cent additional savings in network power while satisfying 50 per cent to 60 per cent more network demands as compared to recently proposed techniques for saving network power," IBM researchers wrote.

In still another research project, dubbed "Turtles," IBM has proposed a nested virtualization system for Intel-based x86 systems.

The Turtles project puts nested virtualization into the KVM hypervisor, which is part of Linux, allowing flexibility to run multiple hypervisors and operating systems.

"The Turtles project … runs multiple unmodified hypervisors (e.g., KVM and VMware) and operating systems (e.g., Linux and Windows)," IBM researchers state. "Despite the lack of architectural support for nested virtualization in the x86 architecture, it can achieve performance that is within six per cent to eight per cent of single-level (non-nested) virtualization for common workloads."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Configuration / maintenanceLinuxIBMhardware systemsnon-WindowsData CenterNorth Carolina State Universityoperating systemscloud computinginternetvirtualization

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?