8.5 Configuration and Compliance Management
vCloud differs from traditional virtualization in its increasing reliance on automation, increased scale, and dynamic workload management. It is the equivalent of moving from a handcrafted workshop to a fully automated assembly line with the benefits of speed, reliability, and volume. To realize this goal, all of the components that constitute the vCloud must be interchangeable and secure. This can be achieved through Configuration and Compliance Management.
Configuration Management focuses on defining and maintaining information and relationships about a vCloud and its components and services. This may involve a Configuration Management Database (CMDB) to store data centrally or a Configuration Management System (CMS) to federate data across multiple repositories. Another aspect of configuration is to maintain a record of the single source of truth for each piece of data, and coordinate the exchange of data with external systems.
In contrast with Configuration Management, Compliance Management focuses more on maintaining corporate vCloud provider or tenant standards for systems that might include compliance standards such as PCI, SOX, or HIPAA. In addition to security settings and firmware, software, and patch levels, Compliance Management is concerned with change management, user access, and network security.
Together, Configuration and Compliance Management validate that configuration settings, firmware, software, and patch versions all follow predetermined standards and policies set by the controlling organization, which can be the vCloud provider, the tenant, or the sub-tenants.
A major goal of implementing a vCloud is to lower ongoing OpEx costs. To realize this goal, promote and maintain standardization of as many components as possible while maintaining a high level of security and compliance. The following practices are necessary to realize maximum OpEx savings:
* Automated provisioning of interchangeable components that meet vCloud provider or tenant standards and compliance policies.
* Ongoing validation that standards and compliance policies are maintained over time.
* Ongoing validation that the underlying vCloud infrastructure meets standards and compliance policies (trusted cloud).
* Ongoing reporting of non-compliant systems.
* Ongoing remediation of non-compliant systems.
* Tracking and propagating relationships between components to enhance impact analysis and troubleshooting of the vCloud.
* Working with existing CMDB, CMS, or other vCloud provider or tenant data sources to understand where the sources of truth are for exchanging data with the rest of the organization.