Visible to the public Evaluating Scalability and Performance of a Security Management Solution in Large Virtualized Environments

TitleEvaluating Scalability and Performance of a Security Management Solution in Large Virtualized Environments
Publication TypeConference Paper
Year of Publication2018
AuthorsYang, Lishan, Cherkasova, Ludmila, Badgujar, Rajeev, Blancaflor, Jack, Konde, Rahul, Mills, Jason, Smirni, Evgenia
Conference NameProceedings of the 2018 ACM/SPEC International Conference on Performance Engineering
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5095-2
Keywordsbenchmark, composability, Performance, pubcrawl, Scalability, security scalability, virtualization
AbstractVirtualized infrastructure is a key capability of modern enterprise data centers and cloud computing, enabling a more agile and dynamic IT infrastructure with fast IT provisioning, simplified, automated management, and flexible resource allocation to handle a broad set of workloads. However, at the same time, virtualization introduces new challenges, since securing virtual servers is more difficult than physical machines. HyTrust Inc. has developed an innovative security solution, called HyTrust Cloud Control (HTCC), to mitigate risks associated with virtualization and cloud technologies. HTCC is a virtual appliance deployed as a transparent proxy in front of a VMware-based virtualized environment. Since HTCC serves as a gateway to a customer virtualized environment, it is important to carefully assess its performance and scalability as well as provide its accurate resource sizing. In this work, we introduce a novel approach for accomplishing this goal. First, we describe a special framework, based on a nested virtualization technique, which enables the creation and deployment of a large scale virtualized environment (with 30,000 VMs) using a limited number of physical servers (4 servers in our experiments). Second, we introduce a design and implementation of a novel, extensible benchmark, called HT-vmbench, that allows to mimic the session-based activities of different system administrators and users in virtualized environments. The benchmark is implemented using VMware Web Service SDK. By executing HT-vmbench in the emulated large-scale virtualized environments, we can support an efficient performance assessment of management and security solutions (such as HTCC), their overhead, and provide capacity planning rules and resource sizing recommendations.
Citation Keyyang_evaluating_2018