This is a depiction of a customer’s typical virtualization journey put together by Vmware.In stage 1, orgs have begun virtualization all of their low hanging fruit – web servers, file and print servers, some app servers, and begun to realize the hardware consolidation and operational mgmt benefits that result in lower CAPX and OPEX costs.In stage 2, they have begun virtualizing more of their tier 1 apps and mission critical servers now. They are also leveraging some of the more advanced capabilities of virtualization such as automatic live migration, disaster recovery and software fault tolerance. Many stage 2 orgs have also started deploying virtual desktops as well.Benefits in stage 2 are even more cost efficiencies plus also higher QoS from the higher level virtualization capabilities.In stage 3, organizations have started leveraging private and public clouds. The IT dept has transformed itself into acting as a service provider with charge-back type processes where consumers of IT are in effect renting computing space and time from IT. Benefits are further cost efficiencies, QoS and faster business agility.If we now look at security and how it impacts the virtualization journey:As organizations move to stage 1, they typically employ the same technologies and processes as they did in the virtual world. Forrester survey data showed that 88% of N.A. orgs did have a SPECIFIC virtualization security strategy in place. As they move to stage 2, security starts playing more of a dampening role.A CDW study showed that the majority of organizations that considered themselves fully deployed with virtualization had only virtualized a 3rd of their servers. When asked why they stopped virtualizing, security was the primary barrier. (Other barriers were ISV support, performance concerns etc.)As orgs considered their move to stage 3, security was top of mind – IDC survey data shows that it is the #1 issue why orgs will not move to the cloud.