DC Infrastructure Policy Enforcement – What is the right approach?
Where does policy definition, enforcement and auditing belong in a data center? Should it be silo’d for individual functions or aggregated into a centralized policy solution. There are a log of established and emerging companies in this space (Voyence, HyTrust, Embotics, etc), but each of them focused specifically on 1 area of the DC (for the most part) like VMs, Network or Storage. How do these solutions fit together to support APPLICATION level policy (what customers really care about) inclusive of all the pieces and parts (the building blocks, if you will) that need to come together to deliver that application
I would argue that the silo specific (VM, Network, Security, etc) policy management needs to be a tightly integrated key feature of the silo specific device management & provisioning solution (all of which should be fully automated, of course). On top of this, there needs to be an Application level policy solution that seamlessly ties each of the silo specific offerings together (the building blocks) to allow the definition of, enforcement of and auditing of App policy in customer/cloud environments. The question is, how do you effectively tie all these blocks together?
What do you think?
