| Component | Physical Machine | VM |
| BIOS | Unique BIOS for every model. BIOS need updates & management. | 1 BIOS for entire datacenter. BIOS need no update & management. |
| Virtual HW | Not applicable | A new layer below BIOS. Need update on every vSphere release. |
| Drivers | A lot of drivers loaded, bundled with OS | Minimal drivers. VMware Tools |
| Storage | See the SAN. Need HBA drivers. Has multi-pathing software. Has advance FS or Volume Manager Storage QoS by array | See local disk. No FC/NFS. Multi-pathing by vSphere FS or Volume Manager not required. Storage QoS by vSphere |
| Network | NIC teaming. 2 cables/server VLAN aware. VLAN is normally used for segregation. VLAN complexity. Impacted by spanning tree. Switch must learn MAC address. Network QoS by core switches | NIC teaming provided by ESXi. VLAN provided by vSphere VLAN is not required (same VLAN can be blocked) No Spanning Tree, no need to learn MAC address. Network QoS by vSphere |
| Component | Physical Machine | VM |
| HW upgrade | Mostly offline | Mostly online. Operation changes. |
| Utilization | 5%. No need to monitor closely. | 70%. Need to monitor closely |
| Monitoring | In-guest counter is accurate. HA provided by Cluster-ware Availability & Performance monitored by Mgmt. tools | In-guest counters not accurate. HA is built-in by vSphere Availability & Performance monitoring is via vCenter |
| Back up | Back up agent and Back up LAN needed. | Not needed in 90% of cases. |
| Anti Virus | Agent installed on Guest. Consume OS resoures and can be seen by attacker. | Agent runs on ESXi as VM. Does not consume OS resources. Can’t be seen by attacker. |
| Firewall | Centrally located. Another machine. Change IP = change rules | Distributed. Attached on each VM. Rules not tied to IP or hostname |
| Asset | Physical server is an Asset | VM is not an asset |
| Apps | All apps can run & supported | Most apps can run & supported |
No comments:
Post a Comment