Kathy Gibson is at VMware Explore in Barcelona – As cloud computing takes off around the world, governments and critical industries are becoming more aware of the problems associated with data residing outside of national borders.
New research conducted by Vanson Bourne and commissioned by VMware reveals that over the next two years, 96% of all companies surveyed believe data will be a source of revenue, and 50% believe it will be a significant revenue source.
As economic uncertainty intensifies, it is not surprising that more business leaders are zeroing in on their data as an untapped revenue source.
Yet the downside is just as big: respondents identified data sovereignty as one of the key challenges facing organisations with 95% admitting it is a concern.
Organisations that fail to comply with data sovereignty regulations often must pay fines in the hundreds of millions of dollars, and suffer damage to brand reputation because of data compromise.
Today, more countries have their own laws governing how data should be managed and stored within their sovereign borders, and most of these regulations are changing constantly.
“If you are in an organisation that is critical to national infrastructure, data sovereignty is an issue,” says Raghu Raghuran, CEO of VMware. “So VMware started its sovereign cloud initiative to alleviate this issue.”
The initiatve focuses on sovereignty of security, compliance, control, autonomy and innovation.
“We have a responsibility to get it right,” Raghuran says. “When your technology is part of the critical infrastructure, we do more than worry about making the business better. We have a larger scope of responsibility.”
Raghuran says the number of VMware Sovereign Cloud providers has more than doubled to 25 partners globally.
Today, VMware also announced VMware Tanzu on sovereign cloud, VMware Aria Operations Compliance pack for sovereign clouds, and new open ecosystem solutions.
Together, these new Sovereign SaaS innovations will enable partners to deliver services equivalent to those found in public clouds, while also better assuring data is protected, compliant, and resident within national territories.
With sovereign SaaS, VMware Sovereign Cloud Providers can build highly differentiated solutions to capture modern workloads, simplify operations with continuous compliance monitoring, and support data monetisation with lower risk.
The VMware Sovereign Cloud Framework and associated capabilities that make up the VMware Sovereign Cloud Initiative are aligned with Gaia-X and other global data sovereignty regulations to further simplify the delivery of sovereign clouds.
VMware is now building a portfolio of sovereign SaaS offerings. Partners deliver sovereign SaaS natively using VMware software running in their sovereign cloud data centres, completely disconnected from the public Internet. All data remains resident and exists only within a given sovereign region, with no access by foreign jurisdictions, no data or meta data leaves the country or provider.
“There is no data sovereignty without cloud sovereignty. And sovereignty does not have to come at the expense of cloud innovation,” says Rajeev Bhardwaj, vice-president: cloud provider platform solutions at VMware. “With our new sovereign cloud innovations, we’re again setting the agenda by bringing SaaS services into sovereign environments. This will enable VMware Sovereign Cloud providers to help their customers innovate and drive digital transformation while reducing the risk of unlocking the value of data.”
VMware Tanzu on sovereign cloud
Highly regulated customers recognise the strategic need to modernise applications to improve customer engagement with enhanced security, efficiency, and resiliency. Containers and kubernetes offer a pathway to modernisation. With VMware Tanzu on sovereign cloud, organisations can build, run, manage, and better secure modern applications consistently on sovereign cloud infrastructure with enterprise Kubernetes built in.
The Tanzu portfolio simplifies platform operations and frees developers to move faster and access the right resources for building the best applications. Sovereign-ready Tanzu is delivered by partners natively from their sovereign cloud data centers, completely disconnected from the Internet.
VMware Tanzu on sovereign cloud includes:
* Tanzu Kubernetes Grid: VMware’s enterprise-ready, kubernetes runtime provides customers with simplified installation, automated multi-cluster operations, and integrated platform services. Carvel-based tooling provides a set of reliable, single-purpose, composable tools that aid in application building, configuration, and deployment to kubernetes. For sovereign clouds, Tanzu Kubernetes Grid includes open source components such as Fluent Bit, Prometheus, Grafana, and Contour that offer monitoring and ingress capabilities. Organisations can observe and adapt based on open-source metrics, traces and logs which display where kubernetes cluster failures may arise, and better ensure traffic is safe and allowed.
* Tanzu Application Platform: Sovereign-ready Tanzu Application Platform provides development teams with the tools and services they need to get their code to production faster and more securely. Tanzu Application Platform has added air-gapped installation for enhanced security and compliance in sovereign cloud environments. Developer productivity has been enhanced with the addition of Dynamic API spec registration using the Backstage API plug-in to more securely automate publishing, consumption, and collaboration on APIs for software development. A new, centralised vulnerability monitoring dashboard will aid app teams with their pre-deployment security checks and secure app deployments. Tanzu Application Platform has added support for Red Hat OpenShift, Jenkins, and Carbon to expand the footprint of ecosystem integrations.
* Tanzu Mission Control: Sovereign-ready Tanzu Mission Control will provide policy-based cluster automation and management at scale for better visibility, control and security for operators, more consistency and speed for DevOps, and flexibility and autonomy for developers. Tanzu Mission Control will enable sovereign cloud partners to benefit from full kubernetes visibility while maintaining full control over their network infrastructure connectivity. Simplified kubernetes cluster management from a single control plane will help eliminate cumbersome and time-consuming tasks to streamline operations. VMware is working to add support for private deployments of Tanzu Mission Control in sovereign cloud environments. The solution is in private beta today.
* VMware Data Solutions: VMware Data Solutions (formerly Tanzu Data Services) support compliant and conformant data management. Customers have access to a self-service user interface and API for lifecycle management of these services so they can tune their instances for optimal performance of their applications. VMware RabbitMQ is a lightweight and easy-to-deploy message broker that supports multiple messaging protocols and can be deployed in distributed and federated configurations to meet high-scale, high-availability requirements. VMware’s open source SQL Database (Postgres & MySQL) is a relational database service providing cost-efficient and flexible deployments on-demand, at scale, while automating time-consuming administration. VMware Data Solutions are integrated with VMware Cloud Director, further simplifying operations and deployment to sovereign cloud environments. VMware RabbitMQ is available and VMware SQL is in preview with more services to come.
VMware Aria Operations for sovereign clouds
VMware Aria Operations Compliance pack for sovereign clouds provides continuous compliance monitoring, reporting, remediation, and automation capabilities that help partners remain compliant with both regulatory benchmarks and VMware Sovereign Cloud guidelines. Sovereign-ready Aria Operations provides comprehensive capabilities across availability, performance, capacity management, cost management, and compliance for infrastructure or applications.
VMware Aria Operations Compliance packs include out-of-the-box regulatory compliance kits, configuration checks, and reporting based on the 20-point sovereign controls such as microsegmentation, data at rest and in-transit encryption, and ISO 27000 compliance. Full integration with VMware Cloud Director and a unified dashboard provide an automated and efficient way to demonstrate compliance across the complete sovereign cloud infrastructure.
VMware is announcing initial availability for VMware Aria Operations Compliance pack for sovereign clouds.
Open Ecosystem Solutions for sovereign clouds
Working with its open ecosystem partners, VMware has delivered third-party offerings from partners such as Cloudian, Veeam and Fortanix for Object Storage, ransomware protection, backup/recovery, and key management. These services are tightly integrated with VMware Cloud Director for multi-tenant deployment and a seamless user experience.
VMware continues to build this open ecosystem with the unveiling of the following new partner services:
* Risk and Compliance management: VMware has collaborated with Caveonix to deliver a fully integrated security, compliance, and governance platform within the sovereign domain to manage the data sovereignty compliance requirements of sovereign cloud. The platform continuously monitors and assesses the security and compliance posture of the VMware environment to help ensure immediate reporting and mitigation of any drift, thus protecting all data assets stored in the sovereign cloud.
* Data Lakehouse as a Service: VMware Tanzu Greenplum, a massively parallel processing (MPP) data warehouse platform, seamlessly integrates with Cloudian HyperStore S3-compatible object storage to deliver the same data lakehouse architectures available in public clouds to sovereign clouds. This VMware-certified solution enables new efficiencies and savings and is ideal for the creation and deployment of advanced analytics models for complex enterprise applications. Customers can vary the number of compute nodes running Greenplum or storage nodes running HyperStore elastically, independently, and on-demand, allowing customers flexibility and better economics within the sovereign cloud environment.