One year ago, at VMworld 2016, we shared our strategic priorities related to cloud services and data center
modernization. Last October, we also announced the start of a new strategic partnership with Amazon Web Services. Our engineering teams have been incredibly busy over the past 12 months, bringing our strategic plans to fruition. Today, we announced the availability of all strategic initiatives that we outlined last year. You told us where we should focus our efforts and could best help your organization succeed, and we listened.
Our overall cloud and data center philosophy is based on several key tenets:
- Developer freedom – Developers should be free to innovate using the native tools, command-line interfaces (CLIs), and APIs of their choice.
- Flexibility and control – Operations can and should partner closely with developers while still maintaining operational flexibility and control, ensuring availability, performance, security, and governance without impeding innovation.
- Simple lifecycle management – Core infrastructure software lifecycle management should be a feature of software, not people. If the technology is non-differentiating to our customers, then we should be able to manage the lifecycle of that technology in software, freeing people to focus on innovation and differentiation.
- Open source project velocity and scale – Open source software should be easily deployed and managed while preserving native API and CLI constructs. To that end, VMware strives to continue to be the very best partner to run and scale open source projects in production.
- Pragmatism – We don’t have to build one universal console. Centralize operations and innovation where it makes sense, and decentralize aspects of operations and innovation where that’s most effective for the business.
With that context, it’s important to note that our customer-driven strategy continues to flourish, and we’ve held firm on our promises made to you a year ago. These promises have culminated in today’s key announcements:
- VMware Cloud on AWS
- VMware Cloud Services
- AppDefense and New Security Paradigms
- Data Center Modernization and SDDC
VMware Cloud on AWS
Since we announced our work with AWS to develop VMware Cloud on AWS, there has been massive customer interest in joining the beta program. Following extensive engineering collaboration over the last several months, today we announced the initial availability of VMware Cloud on AWS.
VMware Cloud on AWS gives you the ability to stand up new infrastructure in an Amazon data center in just a couple of hours. Our forthcoming Elastic Distributed Resource Scheduler (DRS) feature will enable you to no longer have to worry about physical capacity. You just set capacity thresholds for a cluster and when they are exceeded, a new host is automatically added. If capacity requirements decrease, existing hosts can be automatically removed as well.
Instead of diving deep into the really slick technology we’ve developed, let me back up and cover some key use cases. I have worked with many of the VMware Cloud on AWS beta customers, and many more waiting to get started. They all cite some common use cases that are core to their cloud strategy:
- Data center extension and consolidation: Whether you need additional or temporary capacity for an existing data center, or are looking to use capacity to consolidate existing data centers, VMware Cloud on AWS allows you to do so while still preserving your same operational tools and processes.
- Disaster recovery as-a-service (DRaaS): You can modernize your approach to DRaaS while reducing costs by leveraging the AWS data center footprint. At the same time, you can support failover and failback using the same operational tools.
- Hybrid applications: Rewriting traditional applications to benefit from cloud services can require significant time and cost. VMware Cloud on AWS allows you to migrate traditional applications to AWS and without modification, expose them to a variety of AWS cloud services (e.g., S3, RDS, Glacier, and more).
- Control of intellectual property: While you may commit strategically to AWS, Microsoft, IBM, Google, and other providers, you will likely also have a core set of applications where you want ultimate flexibility. You don’t know what the application’s future holds, but because it is core to your business, you want to preserve the flexibility to deploy that application to a cloud, data center, or edge site, without having to worry about provider-specific dependencies. This has been a key use case for VMware Cloud on AWS and VMware Cloud Foundation for both traditional and cloud-native applications.
The launch of VMware Cloud on AWS is just the beginning. I spent a lot of time talking with our customers and partners about the potential ways that VMware and Amazon Web Services can work together to innovate in very compelling ways.
VMware Cloud Services
VMware Cloud Services are SaaS-based management and operational services for native public clouds that streamline and simplify your cloud operations. When building our cloud services strategy, we remain focused on listening to our customers and prioritizing engineering investments based on needs dictated to us by early cloud pioneers. That feedback placed significant urgency on us to help solve cloud network and security operational challenges.
Network and security settings, policies, APIs and schemas can vary considerably from one provider to another. When we reached out to customers for their most pressing cloud operational challenges, networking and security was at the very top. VMware NSX Cloud simplifies network and security operations across multiple public cloud environments. Now network and security settings and associated policies – including firewall rules – can be centrally managed. This removes configuration and integration challenges and reduces risk because you no longer have to manage network security on a per-provider basis.
- VMware Cost Insight: Understanding the true costs of operating in public clouds can be a daunting task, with numerous variables and a variety of provider-specific APIs to mine the data. Whether an application or service resides in a single cloud or spans multiple clouds or even data centers, VMware Cost Insight gives you a simple application- or project-centric view of the totals costs.
- VMware Discovery: Discovery allows IT operations teams to discover and inventory workloads running on public clouds, and group workloads together in a variety of ways such as by application or business unit. Discovery is a critical element of pragmatic IT. Even with the best service broker, odds are that on occasion, workloads will be provisioned outside the scope of central IT. I like to think of Discovery as an enabler for pragmatic DevOps. Ops can find new workloads and partner with developers to bring them into compliance, such as by installing an NSX agent.
- VMware Network Insight: Network Insight provides comprehensive network visibility and granular understanding of traffic flows to enable cloud security planning and network troubleshooting. On the planning side, Network Insight will save you considerable time in modeling application dependencies and estimating network requirements. That alone is crucial for any successful cloud migration.
- Wavefront by VMware: Virtualization and abstraction native to cloud solutions provides great velocity and agility, but the tradeoff can result in additional layers to sift through when diagnosing a problem. Wavefront’s rich analytics help DevOps teams quickly resolve performance issues.
AppDefense and New Security Paradigms
Traditional security can be like fishing in a lake. Even when you catch some fish, you know there are more fish down there. You can never catch everything. That’s always the challenge with an approach based on hunting for the bad as opposed to protecting the good. That’s not to say that you should not continue to aggressively hunt for malicious software. You should. But at the same time, it’s now possible to focus your attention on monitoring and protecting applications based on a known good baseline. Instead of hunting for the bad, you can now leverage the newly announced AppDefense to alert and act on changes to a known good state.
Once an application is baselined, the security team and the application owners will know its exact technology fingerprint, including process and network behavior. Any change to the state that violates a rule will trigger an alert or an automated action. Besides alerting an application owner, AppDefense can initiate automated actions such as dynamically changing firewall rules, capture network traffic, or even quarantine the app.
AppDefense provides an incredible engine that allows you to take a fundamentally new approach to securing your applications. When combined with a growing number of solutions from partners such as IBM Security, RSA, CarbonBlack, SecureWorks, and Puppet, you gain even more power and automation.
As you can see, AppDefense is a new security mechanism that is simple but powerful. The security operations center instantly knows when someone or something is messing with critical applications; modifying OSes, running rogue scripts, altering how processes interact, and so on. Incident response can now become far more surgical and automated. Software engineers can get full visibility into the security context around an application, and partner with security in real-time on an app’s security profile.
Data Center Modernization and SDDC
While we had plenty to say about our cloud strategy, we have also brought several new innovations to our software-defined data center (SDDC) and data center modernization efforts. For starters, we announced the VMware vSAN HCI Acceleration Kit. This is extremely beneficial in branch or edge use cases that require a small infrastructure footprint that is simple to manage. The kit provides vSAN and vSphere compute licenses for unlimited VMs across three cluster nodes at a starting price of $7,852. You can get the kit from several partners today, including Dell EMC, Fujitsu, Lenovo, NEC and Supermicro.
We continue to expand VMware Cloud Foundation to additional public clouds, with providers such as Rackspace and CenturyLink joining the mix. Cloud Foundation provides a simple, scalable software-defined data center that includes automated lifecycle management of all infrastructure software, inclusive of the hypervisor (vSphere), storage (vSAN), and networking (NSX). The next time you’re planning an infrastructure upgrade, think about how nice it can be to have that upgrade simply be a feature of software. Furthermore, the fact that Cloud Foundation is now running at scale in more than five large cloud providers gives you the assurance that patches and updates you deploy in your data center have already been tested at a massive scale.
We continue to innovate in VMware Integrated OpenStack, with expanded support for containerized applications and support for importing Heat templates into vRealize Automation.
VMware and HP Partner to Simplify Device Lifecycle Management
Also announced today, VMware and HP are partnering to offer VMware Workspace ONE in HP’s Device as a Service (DaaS) offering. Workspace ONE, the industry’s first digital workspace platform that uniquely integrates VMware AirWatch Unified Endpoint Management (UEM) technology and end user identity, provides a holistic and user-centric approach to managing all endpoints in an organization – from mobile and desktop to Internet of Things. HP DaaS offers a modern consumption model for computing in which hardware and lifecycle services are combined to improve the user experience and free up IT resources to drive growth.
This partnership brings two industry leading players together to deliver a complete solution for mutual customers looking to transform their end points from procurement to management into a predictable consumption based service. Learn more about this partnership.
As you can see, it’s been a busy year! You can see the details in a variety of breakout sessions. Also, during tomorrow’s keynote, Ray O’Farrell, Purnima Padmanabhan, and I will be demonstrating these technologies in action. If you can’t catch the session live, you can view the live stream here.