Whereas ideal topologies of infrastructure clouds are usually shown in a well-ordered model, we discovered that actual production infrastructure have very complex topologies. How can we approach their complexity in tool-supported analysis?
In a real-world analysis performed at IBM Research for a global financial institution, we found that the topology of virtualized infrastructures can yield great complexity.
The configuration of large numbers of hosts, hypervisors, virtual machines, storage systems and networks bears risks for faults and inconsistencies beyond the capability of manual checking.
We concluded that we need automated tools, which not only do this analysis for us, but can be configured freely with an abstract language for security goals.