vlntn - Fotolia

VMware making bigger push into cloud, cyber security

The virtualisation bigwig is making it easier for VMware customers to adopt public cloud services, starting with a partnership with Amazon Web Services

Like most enterprise technology pioneers, VMware has been reinventing itself and striking deals with cloud suppliers as more enterprises turn to the cloud to keep up with the growing pace of business and rein in IT costs.

At VMworld 2017 in Las Vegas, the pioneer in virtualisation software that lets businesses consolidate servers, storage and networking resources to improve IT efficiencies, painted a cloud strategy that aims to keep itself relevant in a multi-cloud world, starting with its partnership with Amazon Web Services (AWS).

First unveiled as a technical preview in October 2016, VMware Cloud on AWS allows enterprises running VMware’s vSphere-based software stack to harness AWS’s bare metal infrastructure to power their applications, expand their datacentre footprint and facilitate disaster recovery, among other usage scenarios.

For now, VMware Cloud on AWS is only available in the AWS US West (Oregon) region, though VMware CEO Pat Gelsinger revealed that the offering would be extended to other AWS regions globally by the end of 2018.

Unlike VMware’s partnership with IBM, where the latter supports and delivers VMware software on IBM Cloud, VMware will deliver, sell and support VMware Cloud on AWS as an on-demand service, which also provides access to AWS’s developer tools, analytics and databases.

“People are fired up about this,” said AWS CEO Andy Jassy at the opening keynote of VMworld 2017. “You can use the same tools to manage your on-premise infrastructure and AWS cloud, and you don’t have to adopt a new model to get consistency across on-premise and cloud infrastructure.”

In a recent research note, Gartner analysts Thomas Bittman and Lydia Leong said VMware Cloud on AWS would provide an infrastructure option for running applications that are not ready to move to true cloud infrastructure as a service (IaaS).

In addition, organisations can also use AWS’s infrastructure to spin up and spin down vSphere hosts on demand, shifting IT costs from capital to operational expenditure, they said.

Read more about cloud

  • Asia-Pacific organisations that are hopping onto the multi-cloud bandwagon need to overcome potential data management issues to succeed.
  • While cloud-based enterprise resource planning applications are more widely adopted in the Asia-Pacific region, some companies are still hanging on to on-premise systems that remain core to their business.
  • The past 12 months have seen VMware apply a number of tweaks to its hybrid cloud strategy. We look at what these changes mean for the company’s future and technology roadmap.
  • Google’s Singapore cloud region is its third in Asia-Pacific, underscoring its ambition to challenge Amazon and Microsoft in a fast-growing public cloud market.

With multi-cloud expected to be the norm, organisations will have to integrate disparate cloud services and automate movement of data and applications in a secure manner – a challenge that could be overcome with visibility into what is going on across a multi-cloud, hybrid environment.

In the networking layer, VMware hopes its VMware Network Insight will provide that visibility. The service offers consistent networking and security for applications running in multiple private and public clouds, via a single management console. Businesses can also apply security policies across application workloads running in cloud virtual networks, regions and availability zones, and across multiple clouds.

Cardinal Health, a global healthcare products and services company, has been testing VMware Network Insight. Brandon Wagoner, its senior engineer for virtualisation and engineering, said the company had adopted a cloud-first strategy focused on AWS for rolling out new applications, and was “considering migration of legacy applications currently running on older hardware to take advantage of cloud economics”.

“However, a challenge we’re facing is visibility into what makes up any given application environment before we move an app, and ongoing visibility and security once applications are running in AWS. With our early testing of VMware Network Insight, we believe the service can help with improved visibility, migration planning, faster troubleshooting and better security planning capabilities,” said Wagoner.

Foray into cyber security

Although virtualisation makes it possible to isolate applications and virtual machines (VMs), as well as restore systems to a previous state before an attack, having visibility into the state and behaviour of workloads running on VMs will enable organisations to better detect and respond to cyber attacks.

To that, VMware has launched the AppDefense service that protects applications by embedding application control, threat detection and response capabilities in vSphere-based environments.

Tom Corn, senior vice-president for security products at VMware, said AppDefense was built on an intent-based security model that focuses on what the applications should do, rather than what the attackers do. “We believe it will do for compute what VMware NSX and micro-segmentation did for the network [by enabling] least privilege environments for critical applications,” he said.

VMware is working with its cyber security partners to integrate AppDefense into security platforms such as RSA’s NetWitness Suite and IBM Security’s QRadar security information and event management (SIEM) system. It will also use Carbon Black’s reputation feeds to help secure virtual environments by capturing and tagging attack sequences and events.

“The Carbon Black and VMware partnership enables security practitioners to better protect virtualised environments by allowing organisations to stop malicious activities, including fileless attacks that run on top of trusted and known software,” said Kane Lightowler, managing director of Carbon Black in Asia-Pacific and Japan.

Also, security teams will have unparalleled visibility, with a prioritised view of the most critical attacks and root cause analysis for additional context and visibility,” he added.

As a company that does not usually sell to chief information security officers, VMware will be educating its sales force on driving security discussions with enterprises, said its chief operating officer Sanjay Poonen. “Over time, our security business will get bigger,” he said.

Read more on Infrastructure-as-a-Service (IaaS)