ESG's Doug Cahill brings you his thoughts from VMworld Europe 2018
Read the related ESG Blog: Recapping VMworld Europe: Built-in Cybersecurity for Hybrid, Multi-Clouds
As a follow-up to VMworld US in Las Vegas this past August, VMware reiterated their compelling albeit ambitious strategy at VMworld Europe in Barcelona. The strategy is really well aligned, in my opinion, with the design center and the requirements for managing and securing today's hybrid clouds.
It's one that's predicated on having flexibility, ability to run any application on any cloud, access from any device with intrinsic security. Now, the way VMware thinks about a hybrid cloud is one that is multidimensional, one that is multi-cloud and comprised of both private on-prem customer-managed clouds, consumption of public cloud infrastructure, and maybe even telco clouds.
Since most organizations consume services from more than one cloud service provider, VMware is also focused on supporting this multi-cloud reality. At VMworld Europe, VMware announced a new partnership with IBM that will allow organizations to run their VMware workloads on IBM cloud and have managed that hybrid environment with vRealize. VMware also reiterated the fit of the recent acquisition of CloudHealth to help organizations optimize their cost across multi-cloud environments.
No hybrid cloud discussion is complete without talking about containers. And at VMworld Europe, VMware announced their acquisition of Heptio to allow organizations to manage and orchestrate their container infrastructure. VMware rightfully notes that the relationship between VMs and containers is not an "or,"but rather than an "and" that will have a heterogeneous application stack moving forward.
Okay, so what about intrinsic security? VMware CEO Pat Gelsinger rightfully noted in his keynote that security is fundamentally broken because it's too often bolted on and we're in this never-ending cycle of chasing bad. The notion of building security in is actually what I spoke about at both VMworld US and VMworld Europe, more specifically about integrating automated security into the continuous integration and continuous delivery processes that is the backbone of how we do software development and software delivery today.
More specifically though, VMware is talking about their AppDefense offering that it's integrated at the hypervisor layer so that all guest VMs are automatically protected. Now, AppDefense takes an anomaly-based approach to protect workloads from anomalous activity by first baselining the intended behavior of that workload and then detecting activities that could be indicative of a compromise such as an exploit, highly appropriate approach, and auto scaling groups where all workloads ought to be exhibiting the same behavior during runtime.
VMware also makes the case that we do expand our perspective of network security that's been north-south centric to also monitor east-west traffic with its NSX micro-segmentation offering that can allow organizations to implement at least privileged security model and to mitigate the lateral movement of threats horizontally across their infrastructure.
Now 20 years old, VMware has a history of disrupting markets by first virtualizing servers, then virtualizing the desktop and now virtualizing the network. The strategy the company has articulated that both VMworld US and now recently at VMworld Europe is well aligned with the hybrid and multi-cloud construct of today's modern data center.
Their acquisitions of CloudHealth, and now Heptio, will allow them to further execute upon that strategy. In a multi-cloud heterogeneous infrastructure, organizations will need a broker to be able to manage these complicated environments. VMware aims to be that broker. Stay tuned for more.