The third element, security and compliance, provides the confidentiality, integrity, and availability of each tenant’s environment at every layer of the VMware stack, using technologies like VMware vCenter Single Sign-On identity management and role-based access control, encryption, key management, firewalls, malware protection, and intrusion prevention. This is a key design factor pertinent to both service provider and tenant.

The shared vCenter Server solution must verify that all activities performed in the provisioning, configuration, and management of the multitenant environment, as well as day-to-day activities and events for individual tenants, are verified and continuously monitored. It is also important that all operational events are recorded and that these records are available as evidence during audits. vRealize Log Insight provides the functionality to meet this design requirement.

 

In addition, as regulatory compliance expands, the shared vCenter Server environment will become increasingly subject to security and compliance standards, such as PCI DSS, HIPAA, and SOX (GLBA). With the proper tools, achieving and demonstrating compliance is not only possible, but it can often become easier to accomplish than in a non-virtual environment.