If like me, you’re stuck in a sweltering London enjoying the bank holiday and watching the Game of Thrones season 7 finale, you may have forgotten that over in Vegas the city is just getting over the big fight of Mayweather vs McGregor and is now inundated with people looking to attend VMworld 2017 US.
It’s great that VMware live stream their keynotes, as it gives everyone an opportunity to hear first hand what VMworld will be about this year and also what is being announced!
And it’s of no surprise that VMware have continued to strengthen their vision on “Any Device, Any Application, Any Cloud” with the keynote by Pat Gelsinger. Whilst heterogeneous is a great thing that leads to the consumerisation of IT, it plays havoc with IT admins who’s key focus is to contain and secure a company’s data – and it’s worth noting how much emphasis is being placed on security within VMware – NSX is intrinsic to every solution that was mentioned during the keynote!
The first thing that was covered was how the digital transformation is affecting end users – the goal for any company is to ensure that their employees are well connected, yet the challenge is a complex one when you realise how many different technologies an end user has access to – smartphones, tablets, laptops – even smartwatches and cars now! So how do you deliver an unified workspace securely across multiple technologies?
Simple – Workspace ONE – piecing it all together to give companies a “consumer simple but enterprise secure” solution. Delivered in 3 areas:
- Apps and Identity – applications with a consistent feel across multiple devices. Secured by a common identity framework with a simple Single Sign-on experience.
- Management and Security – IT in control, delivering consistent management & security. Drastically improving tasks that were previously costly, time consuming, and resource intensive, whilst still in control of data by combining identity and device management to enforce Data Security and Endpoint Compliance.
- Desktop and Mobile – Device Management and Compliance provided by AirWatch Unified Endpoint Management, protecting sensitive data as well as conditional access to how that data can be consumed by end-users.
Next Pat went on to explain that virtualisation has led to end-users deploying a private cloud within their own data centres, yet making such a transition is not an easy step – deployment isn’t straight forward, lifecycle management and day 2 operations isn’t always easy, and trying to secure different technologies of a private cloud is painful!
VMware’s goal is to “make Private Cloud Easy“ and that’s where Cloud Foundation comes along – a fully integrated SDDC stack that ‘just works’…. simple… agile… secure! version 2.2 was announced and is now GA.
Pat was then joined by Andy Jassy, CEO of AWS, to announce the General Availability of VMware Cloud on AWS. Announced as a tech preview at last years VMworld, it should be noted that it’s currently only available today in the US West Coast region Availability Zone, it will then be rolled out across the East Coast AZ before rolling out to the rest of the AWS global AZs by the end of 2018. So I guess we’re going to expect it in the UK late 2017/early 2018!
VMware Cloud on AWS allows you to seamlessly take a workload running on vSphere in your data centre and migrate it to AWS Public Cloud running a VMware stack – using the same tools (vCenter Server) to manage both your private and your public cloud workloads from a single pane of glass! A consistent feel no matter where your workload resides. What Andy Jassy said was correct – in the past customers hated the fact that if they wanted to consume public cloud, there was no easy way of migrating workloads across without some form of translation occurring. It was also painful and costly to manage as you couldn’t use a single tool to manage both private and public cloud.
VMware’s Cloud Strategy is as follows:
The first 7 VMware Cloud Services were announced as available for consumption.
NSX Cloud is an interesting service that addresses networking and security operational challenges inherent with using multiple public clouds. Unfortunately at launch it’s only available on AWS to protect EC2 workloads (ie native AWS workloads – not vSphere workloads which is what VMware Cloud on AWS gives). It differs from on-premise NSX as it is delivered as a service and managed by VMware.
As I previously said, NSX is a key foundation to every solution at VMware currently:
Security is hugely important… and Pat breaks it down into 3 components:
- the need to build it into the infrastructure
- the need to integrate with the current security vendor ecosystem
- the need to ensure good cyber hygiene and ensure security policies are in place. The 5 pillars of Cyber Hygiene are:
- Least Privilege
- Multi-factor authentication
Two years ago, VMware first began talking about the concept of the “Goldilocks Zone” where the hypervisor sits at the ideal location in the network to improve security. During the keynote VMware announced a new product named AppDefense which looks to be the fruition of Project Goldilocks.
AppDefense allows a virtual machine to learn its manifest and understand what is a good and secure process, it’s then able to determine whether the runtime behaviour of a VM or application deviates from its intended state. Finally it’s able to trigger an automated/orchestrated response to remediate or quarantine any detected anomalies.
Strange that searching the VMworld Europe Content Catalog for AppDefense doesn’t bring up any sessions…. which is a shame as I was hoping to schedule a session after hearing the keynote and reading about it.
Roll on Day 2….