Virtualized Security: Hype vs. Reality

There is an old adage in computer science that states: "All problems in computer science can be solved by another level of indirection..." Virtualization, broadly written to include techniques at both the network and host, has enabled computation, storage, and communications approaches that leverage new software layers to abstract complexity. However, any computer scientist who has been around the block more than once will tell you there is more to the old adage: "...except of course for the problem of too many indirections." Security, performance, and availability problems plague these new approaches and in many cases the reality simply doesn't live up to the hype. In this discussion we will tease out what is genuinely new and exciting about virtualization and what are simply old ideas in new packaging. We will approach this problem with a particular bent towards security and network virtualization, discussing the impact of new network virtualization technologies, such as software defined networking (SDN) and network feature virtualization (NFV).