ROSA Virtualization

Virtualization management system ROSA VIRTUALIZATION

ROSA Virtualization is a fully functional platform which provides an enterprise level virtualized data center out of the box in a few ours. The Web GUI has full Russian language support and provides a virtualization management center with management controls for hypervisors, virtual machines, storage, clusters and other virtual environment entities.

This system supports up to one thousand virtual machines and can be used not only in the private business data centers but also in the data processing centers of the governmental offices and factories. The discretionary and role based access control models makes this system different from e.g. OpenStack based models. In 2018 ROSA Virtualization was certified by FSTEC which verified its use in the State level operating systems including those dealing with the personal data.

Software and hardware requirements:

  • Server hardware for the engine hosting (can be deployed on a VM)
  • Virtualization servers for hosting hypervisors (with CPUs supporting virtualization technologies)
  • Security domain server (use already installed one (in case of AD, FreeIPA or RHDS) or deploy it on a VM)
  • Data storage system
  • high performance network infrastructure

FSTEC certified:

  • The system is certified by FSTEC to be compliant with the requirements of the FSTEC order N 17
  • Meets 7 of 9 requirements (minus the firewalling and antivirus features)
  • First virtualization environment management system in Russia with integrated (not overlaid) information protection tools
  • Certificate issue date is May 4th 2018

Key features:

  • Easy installation
  • Russian GUI support
  • Certified by FSTEC to be compliant with the requirements of the FSTEC order N 17
  • Centralized control center provide the administrator with means to configure virtual machines, VM pools, remote desktops, hypervisors, storage, clusters and data centers.
  • VM integrity monitoring
  • Minimal operator workplace requirements are browser and a browser plug-in
  • Support for all modern Linux and Windows distributions on the guest machines
  • Support for FreeIPA directory server (out of the box installation) and Microsoft Active Directory accounts identification, authentication and authorization through the security domain
  • Support for discretionary and role based subject/object access control models (user to VM, hosts, clusters, data processing centers etc)
  • Inherited multi-level admin roles and security permissions for every action and entity of the platform
  • Centralized audit with logging functionality
  • High host scalability with support for up to 160 logical processors and up to 2TB RAM per host
  • High scalable guest VMs with support for up to 64 virtual processors and up to 1,8TB virtual RAM per VM
  • A small hypervisor (host) which consumes less than 300MB RAM
  • Support for Python based RESTful API
  • Dynamic large pages allocation (2MB versus 4KB) per VM with higher performance due to less frequent memory access and higher productivity for most workflow processes
  • Memory pages sharing which allows to allocate more RAM than the hardware RAM permits
  • Paravirtualized VM interruption controller which reduces VM load and increases guest productivity under overload
  • Asynchronous IO mode which on many cases results in much better productivity
  • The network stack is implemented as part of the hypervisor’s kernel which increases productivity and reduces response time
  • Support for port aggregation in high performance and high availability networks
  • Multiple networking, multiple data flows and traffic partitioning (user and administrative), VLAN support
  • Support for NFS and iSCSI storage
  • Support for local hard drives, locally connected SAN and other storage supported by core Linux drivers
  • Support for GlusterFS as a storage mounts
  • Multiple VM creation based on templates and using VM pools
  • Live VM migration allowing to move virtual machines from one host to another within clusters and data centers
  • High available virtual infrastructure due to VMs automatic restart on other hosts whenever the hardware failure occurs, with multiple priority levels and in accordance with the high availability policies
  • Host maintenance modes which allow migration of running VMs to other suitable hosts and perform hypervisor or  hardware maintenance
  • Load balancing policies for automatic load balancing between hosts within cluster
  • Data base servers hardware monitoring with support for the low level interface management software (ILO, IPMI etc)
  • Support for the paravirtualization drivers installation on the guests
  • Remote graphical desktop sharing using VNC or SPICE protocol (with SPICE also supporting sound and USB devices)
  • Two way forwarding for USB devices (to and from the client) and USB devices access control
  • VM migration from other virtual solutions including VMware vSphere

The system is built upon multiple software tools (see the picture)

  • Centralized control center
    • Hypervisors control center for monitoring the agents which are part of the data centers and run on physical servers
    • Control center for the hardware operability checks (the hardware monitoring must be supported by server-side hardware managers such as IPMI, ILO etc)
    • VM control center for starting, stopping, creating and deleting virtual machines
    • Network control center for managing network connections within the data center
    • Audit control center which monitors current events including security events
    • Storage control center which manages and monitors data center storages
    • Access control manager
    • User connections management
  • Hypervisors
    • Hypervisor hosting running virtual machines or administering them following the commands from the control center
    • Management subsystem agent which connects to the control subsystem and transmits administrative action, and also different status info about itself and about the server it runs on
    • Storage access agent (which may be an own local storage, a shared storage access point or a user of the shared storage) and also some other service components
  • Domain server
    • AD, FreeIPA, RHDS or any other Kerberos-LDAP domain with standard LDAP RFC scheme. Domain server is used for working with discretionary and role based access control models which helps in distributing control over  resources and users
  • Storage
    • The storage is a disk space, local or shared and presented logically as a network, distributed or local file system with support for iSCSI, SCSI FC, NFS, GlusterFS mounts and also own server storage.


FSTEC certified

  • 25 virtual machines
    1 year of standard support
    390 000₽
  • 50 virtual machines
    1 year of standard support
    620 000₽
  • 100 virtual machines
    1 year of standard support
    1 150 000₽
  • 1000 virtual machines
    1 year of standard support
    9 800 000₽

Without FSTEC certified

  • 25 virtual machines
    1 year of standard support
    210 000₽
  • 50 virtual machines
    1 year of standard support
    400 000₽
  • 100 virtual machines
    1 year of standard support
    750 000₽
  • 1000 virtual machines
    1 year of standard support
    6 000 000₽

Наш сайт использует файлы cookies, чтобы улучшить работу и повысить эффективность сайта. Продолжая работу с сайтом, вы соглашаетесь с использованием нами cookies и политикой конфиденциальности.