Recapping VMworld Europe: Built-in Cybersecurity for Hybrid, Multi-Clouds (Includes Video)

Cahill_VMworldEuropeAs a follow-up to VMworld US in Las Vegas this past August, VMware reiterated its compelling albeit ambitious strategy at VMworld Europe in Barcelona. From my perspective, that strategy is well aligned with the flexibility today’s enterprises require – the ability to run any app on any cloud accessed from any device with intrinsic security. This is the true essence of hybrid clouds for which VMware has a comprehensive definition – private cloud, public clouds, as well as Telco clouds – and a plan to offer a hybrid cloud control plane with equally flexible delivery options.

While VMware is clearly deepening its partnership with AWS, since most organizations consume services from more than one public cloud platform provider, it is also expanding into the multi-cloud arena. At VMworld Europe, the company announced a partnership with IBM that will allow customers to bring their VMWare workloads to IBM cloud and manage them via VRealize. Also on the multi-cloud front, VMware reiterated how recently acquired CloudHealth will help organizations optimize cost across multi-cloud platforms. No hybrid cloud discussion is complete these days without including containers in the conversation. To substantiate that VMs and containers are an AND not an OR proposition, the company announced the acquisition of Heptio for container management and orchestration.

OK, so what about the intrinsic security bit? CEO Pat Gelsinger rightly makes the point that security is fundamentally broken because it’s bolted on and we’re on this never ending cycle of chasing bad. The notion of building security in was actually the theme of a talk I gave at both VMworlds – integrating and thus automating security in the continuous integration and continuous delivery pipeline of the DevOps approach of application development and deployment. More specifically, VMware is speaking to how it has implemented its AppDefense workload security solution at the hypervisor layer so that all guest VMs are automatically protected.

AppDefense takes a really interesting approach to workload security, one that is arguably highly appropriate for workloads in autoscaling groups in which there should be no deviation from normal behavior. AppDefense detects and prevents just that by modeling normalized application behavior  - the intended state – and takes action when anomalous activity is detected such as the behavior of an exploit. VMware also makes the case that we need to expand the purview of network security from a north-south orientation to one that also monitors and controls east-west traffic to prevent the lateral movement of threats, prescribing NSX to do just that. 

Now 20 years old, VMware has a history of disrupting IT from virtualizing servers to virtualizing desktops to software-defined networking. The strategy the company laid out at VMworld US and now VMworld Europe brings forward all these innovations into the hybrid cloud of today’s data center. The acquisitions of CloudHealth and Heptio are proof points of execution. In a heterogenous, hybrid, multi-cloud world, customers will need a broker and VMware aims to serve that very role.

Watch the video for more of my recap of VMworld Europe.

Topics: Cybersecurity