A Sense of Security Blog

VM Sprawl: A Networking Crisis

The networking world has an expensive and potentially dangerous challenge:  VM (virtual machine) sprawl.

VM sprawl occurs when the number of VMs on a network reaches a point where the administrator can no longer manage them effectively.1  Because creating a new VM can be done with ease by business users (not just IT), VM sprawl is a common problem in modern day networks.

The potential consequences are not minor in any sense.  It’s important to remember that VMs have the same security and compliance issues that physical machines do.2  What if a developer created a VM and installed DNS on it or made it a domain controller?  Or what if a marketing person had a VM created for a demo but didn't patch it and a virus invaded it?3  In addition, there is money at stake … every VM on the network has a license and support cost associated with it.  They also take up storage space and processing power.

While still keeping business users happy with their ability to “spin up” a new VM, IT departments need to track where those VMs are located.  VM usage should also be tracked to know when they are under-utilized and no longer necessary for the business.

Lumeta ESI can help to control VM sprawl by getting full visibility into how many VMs are on the network.  Once fully aware of the true number of VMs, an IT team can then help manage these assets, possibly identifying VMs that can be turned off.  (ESI can also provide real-time alerts if network segmentation policies are violated – helping with the security and compliance issues associated with “rogue” VMs.)

How do you manage VM sprawl?  Do you have it under control?


[1] and [2] http://whatis.techtarget.com/definition/virtualization-sprawl-virtual-server-sprawl
[3] http://www.techrepublic.com/blog/virtualization-coach/what-is-your-best-definition-of-vm-sprawl/