One of the issues with working and having a young family is you end up doing a full days work and going home to a baby who wants loads of attention who then doesn’t let you sleep because she’s teething….. Yup, the joys of being a parent…. but I wouldn’t give it up for anything!!
So this blog comes a few days late because I didn’t have much time to finish watching the replay of Tuesday General Session and write a blog due to already mentioned circumstances. =)
Tuesdays’ General Session replay is now available here:
So Monday was all about the transformation of the data centre, making it cloud friendly and able to support workloads wherever they’re deployed (so Any Cloud).
Tuesdays’ session was more around the End Users experience, Any Application on Any Device and I have to admit that I thought Sanjay Poonen’s demo of Workspace ONE was pretty awesome – I’ve not seen a full demo of the products capabilities but I was struck by how much you could do with the suite of products and how integrated it all was – Infrastructure, VDI, Mobile Device Management, Identity Management, Security…… Control yet Choice!!
We’ve all seen the demos of AirWatch integration, how single sign on has been implemented, we’ve seen the demos of Horizon View on tablets, etc…. what I’ve not seen before was how security could be implemented to prevent unauthorised data being published…. like the conditional-access demo of how financial data taken from a spreadsheet in Office 365 was blocked from being copied into Twitter (which was an unmanaged application). What was even more impressive was the NSX integration to use conditional-access policies (ie changes to firewall rules for a particular group of people) to prevent data being presented in a dashboard depending on whether the user is accessing it inside the corporate firewall or externally.
And I was impressed with the VMware Trustpoint demo of endpoint visibility and management, looked very simple to use to implement endpoint security.
Finally, VMware introduced a brand new technology that represents the next phase of their digital workspace vision – VMware Unified Endpoint Management (UEM) – a new architecture that brings app, desktop and mobile management together with next-gen security and identity interwoven throughout, delivering a simpler but more secure digital workspace!
Next up was Ray O’Farrell and Kit Colbert to talk about containers…. and how admins can extend management, monitoring and security to containers. It looks like VMware vSphere Integrated Containers will have 2 new features:
- Admiral – which is a Container Management Portal to allow developers and app teams to manage their repositories and images.
- Harbor – which is a Container Registry (based on Docker Distribution) which allows developers and app teams to securely store their images including management and access control.
The demo was interesting as it showed the integration between VIC and NSX and how network security can be applied to containers, as well as the integration between VIC and vROps for monitoring of containers. The demo went one step further and showed how vRA was used to automate the deployment of container hosts as well as showing access to the Container Management Portal.
There wasn’t much on Photon Platform that we didn’t already know – VIC allows IT to extend the existing infrastructure to accommodate container-based applications alongside traditional apps, and Photon Platform allows IT to build a complete computing platform solely for containers and cloud-native apps.
Next up was the new GM/EVP of Networking and Security to talk about NSX. If I’m honest, I found Rajiv Ramaswami a bit wooden – far different from the charisma of Matin Casado…. which is a shame as the one product everyone should get excited about this year is NSX! I have to agree with Rajiv when he says that “the single greatest infrastructure transformation he has seen” is with Network Virtualisation. Networking is undergoing a huge transformation with vendors and customers looking at transitioning from hardware-centric to software based solutions.
Not much was said about NSX that we didn’t already know….
- Security – it does Micro-segmentation to allow you to provide fine-grained security to every VM and helps you architect security as an essential part of the data centre
- Automation – it allows you to automate workload provisioning and cuts down deployment time because network and security can be quickly provisioned in software and attached to VMs (policy-based management)
- Application Continuity – it enables your applications and data to reside and be accessible anywhere. In addition it can reduce your RTO when integrated into your Disaster Recovery solution.
One thing that was new was the demo of vRealize Network Insight used to create NSX pre-assessment reports. Those of you following the news will know that this has come about from the acquisition of Arkin a few months back. I’ve had a play with the Arkin tool as the VMware NSX SEs in the UK were recommending it as a Network Assessment tool for partners to use when trying to sell NSX (prior to the acquisition and release of vRNI). I really like how it graphs traffic flow and patterns, tracing network traffic between VMs and giving you deeper insight into what goes on inside your virtual environment (ie the East-West traffic flows). The other clever thing is how it is able to carry out flow analytics to provide recommendations for grouping VMs together when planning for micro-segmentation. The only issue is it needs vSphere Distributed Switches!
I quite liked the NSX Planning tool tech preview – how flows can be captured, then analysed and grouped into traffic patterns and security groups. The application map can then be used to create firewall rules based on what the tool discovered. Very clever stuff!
Finally Yangbing Li talked about Hyper Converged Infrastructure and VSAN. VSAN has come a long way since its launch a few years ago, and I see it as an enterprise-ready storage offering! HCI is a very hot topic this year, customers are now looking at HCI solutions when it comes to new projects or hardware refreshes. Hardware vendors are aware of this and there are so many different types of HCI solutions in the market today! I’ve been involved in a number of discussions with my customers around HCI and EMC/VCE VxRail in particular!
A couple of new features were introduced during the VSAN demo: software-based Encryption and Analytics. The VSAN demo with vRA showed how the performance analytics engine could pro-actively inform users that a VM should be migrated from a VSAN hybrid cluster to an all-flash cluster, and through changing the storage policy in vRA the VM was automatically migrated (in the demos case, the VM was migrated to a public cloud!). What this also underlined was how NSX was also involved in moving the network and security policies as the VM was migrated to the public cloud (although you didn’t see it in the demo). So not only did the demo show the analytics engine working, it also showed how the VMware Cloud Foundation platform could be used.
I don’t know if it’s just me, but it seems that everything mentioned during the two keynote sessions always reverted back to network and security, it felt that NSX was underpinning everything (Cross-Cloud Services, Workspace ONE, containers, etc). VMware are putting a lot of emphasis on Cross-Cloud capabilities and how data management and governance will play a key part of cloud consumption. I guess the VMware vision of Any Device, Any Application, Any Cloud really does require something that can govern where data sits and how it’s being consumed!