Kathy Gibson reports from VMworld 2020 – Change of the magnitude that we are going through can be very challenging, but it also brings new opportunities to reimagine how we deliver IT services.

That’s the word from Tom Gillis, senior vice-president and GM of the network services business unit at VMware, who says lockdown and the new imperative for remote working have allowed companies to able redefine what we do and where we do it.

“For instance, work has stopped being a place you go and rather become the thing you do.”

But working from home brings a new set of technology challenges, with poor network connections arguably the biggest frustration for many workers.

“Employees around the world have discovered that the network connection they have at home is not the same as what they are used to at work,” Gillis points out.

With the majority of workers having to remotely access the corporate network, the way we used to do this via virtual private network (VPN) links has simply not stood up to the challenge.

Instead, VMware advocates alleviating network congestion by extending the software-defined wide area network (SD-WAN) to users’ homes.

“SD-WAN capability can reduce network performance issues by up to 90%, and deliver a WAN experience in the comfort of people’s homes,” Gillis explains. “Plus, we can bring better security to this distributed world as well.

“Secure access Service Edge (SASE) means you can take your corporate security and deliver it around the world.”

With SD-WAN providing the platform providing a quality of service to the user experience, SASE adds zero-trust access control driven by policy, and an NSX firewall filters traffic to protect end users while adding advanced web service controls.

Gillis adds that VMware is also able to define the digital workspace and secure any endpoint, anywhere, with the Carbon Black suite of security solutions.

“It’s not just the end user workspace that is changing,” he adds. “The data centre is changing as well.

“Time was, we have monolithic applications. Now, with modern application development tools we are able to build lots of pieces or services that make up the application.

“But this brings new challenges: specifically, how do we do security?”

With VMware’s virtual cloud solutions, organisations’ data centres can start looking more like the data centre of a public clod provider.

“The difference is that the public cloud provider has thousands of engineers running their data centre,” Gillis says. “Instead, at VMware, we have 10 000 engineers building this for you. Our architecture designed to run in your private cloud, and can also extend seamlessly on to the public cloud.

“At the heart of the VMware Virtual Cloud Network is the ability to connect edge to core to cloud, using network automation.”

The VMware Virtual Cloud Network innovations launched today help will customers create a modern network that better supports current and future business initiatives.

With advancements across the VMware networking and security portfolio, customers will be able to more effectively manage the rapid shift to remote work, deliver traditional and modern applications faster and more securely, and reduce the cost and complexity of connecting and protecting the distributed enterprise.

VMware will deliver new Virtual Cloud Network innovations across three areas: automation that enables the public cloud experience; modern application connectivity and security services; and solutions that re-imagine what’s possible in network security.

 

Network automation that delivers a public cloud experience

VMware will add more cloud automation and scale, uptime and resiliency, ML-based predictive analytics, and intelligence to the virtual cloud network.

VMware NSX-T 3.1 will support even larger-scale global deployments and disaster recovery use cases and automated deployment workflows. VMware will double the scale of NSX Federation, add new API-driven advanced routing and multicast capabilities, and offer Terraform Provider support.

VMware vRealize Network Insight 6.0 will bring new assurance and verification capabilities as well as expanded VMware SD-WAN visibility. These updates will enable better planning for virtual and physical networks, improved network uptime and resiliency, faster troubleshooting, and proactive identification of potential network problems based on intent, and more effectiveness in achieving service level agreements.

VMware Edge Network Intelligence is a new AIOps solution based on technology acquired from Nyansa. It will provide automated and actionable intelligence that helps assure users and IoT devices on campus, in branches, or in the home get the network performance they need to support applications.

 

Connecting and protecting modern apps

Organisations looking to improve productivity, agility, and customer experience are embracing a container-based, micro-services architecture and standardising on Kubernetes for container management.

The connectivity and security needed to address microservices requirements while at the same time connecting Kubernetes clusters to the infrastructure introduces the need to a rich multilayer networking stack.

VMware is extending the Virtual Cloud Network to connect and protect these environments through VMware Tanzu Service Mesh powered by NSX and support for Project Antrea, an open source that enables Kubernetes networking and security wherever Kubernetes runs including on-premise vSphere, public clouds as well as edge.

Tanzu Service Mesh includes new capabilities focused on improving application continuity, resiliency, and security.

The new VMware Container Networking with Antrea is a commercial offering consisting of signed images and binaries and full support for Project Antrea.

VMware Container Networking with Antrea will be included in VMware NSX-T and vSphere 7 with Tanzu. Applications running on Kubernetes clusters using Antrea as the Container Networking Interface (CNI) can be discovered, connected, and better protected by Tanzu Service Mesh.

 

Re-imagining network security

VMware will deliver firewall performance and programmable intelligence to the Virtual Cloud Network by enabling VMware NSX to run on leading SmartNICs.

This includes advanced security for bare metal and highly sensitive workloads such as databases which are hard to protect today.

Additionally, it enables “air gapping” of infrastructure, separating applications and hypervisors from the security controls on the SmartNIC.

VMware is also announcing VMware NSX Advanced Threat Prevention, which combines NSX Distributed IDS/IPS with advanced malware detection (sandboxing) and AI-powered network traffic analysis (NTA) acquired from Lastline.

These NTA capabilities use unsupervised and supervised ML machine learning models to more accurately identify threats and minimise false positives compared to other network traffic analysis tools.

The solution delivers an industry-first ability to apply virtual patches at every workload, something traditionally only implemented at the perimeter, enabling more effective response to sophisticated threats before they disrupt business.