Increasingly enterprises are attempting to utilize existing technology to conduct business and affairs in a remote and more automated manner. For example, enterprises are now capable of deploying software services to remote facilities or customers over the Internet.
One problem with seamlessly providing services over a network is that each service or package of services that is to be deployed has to be pre-configured for the physical environment in which the service will be installed. That is, the target physical environment may have a specific operating system, a specific file system, etc., such that the deployed service requires pre-configuration before it can be distributed and deployed in an automated manner on the target environment. This custom and often manual configuration negates many of the benefits associated with automated service deployment.
Another more pressing problem arises with respect to security. Enterprises do not want to deploy services on rogue environments and do not want their deployed services to be compromised for purposes of proliferating viruses or other harmful effects within legitimate environments. By automating distribution and deployment of services, the services naturally become targets of nefarious individuals that seek to compromise the services or use the services to their illegal advantages in some manner.
Consequently, enterprises have attempted to use a variety of conventional techniques to minimize their exposure when deploying services over the Internet. For example, the services may include digital certificates, digital signatures, and/or may be encrypted. Yet, keys often used for security measures may themselves be exposed on a network wire during a transaction and if they are not they still can be discovered within the target physical environment in which they are used. So, if a target physical environment becomes compromised by an intruder, then the physical environment's keys can likewise be compromised, at which point the physical environment and any deployed services can also be potentially compromised.
Still, the modern enterprise is rapidly embracing virtualization for the abovementioned reasons and for a variety of other reasons as well, such as for reducing cooling costs, decreasing carbon footprints, decreasing energy consumption, increasing computing and storage availability, etc. In other words, the “Green Data Center” is become a mandate rather than an ecological statement. But as stated above, virtualization does not come without some costs, such as increased complexity and increased exposure to security attacks on both virtual and physical systems. For example, if a hacker can penetrate a virtualized system to run on a virtualized host machine under the hacker's control and direction, then much harm can be done without the owner of the virtualized system's knowledge.
Thus, improved data center management techniques are needed.