Week commencing 21st August 2023, we had VMware taking to the big stage over in Las Vegas, Nevada at their Explore event. While those of us on this side of the pond will have to wait until November for our in-person event, we thought it would be good to summarise the major announcements, give some initial thoughts, and then follow up with more detail between now and November's event. As the announcements covered Hybrid Platforms, Modern Workspace and Security, we have combined the thoughts of three CDW Chief Technologists into one article. Keep reading to hear from Rob Sims, Tim Russell, and Greg Van Der Gast on the topics covered in the keynotes from VMware explore, covering the five main themes:
- Accelerate Application Delivery
- Modernise Cloud Infrastructure
- Deliver Autonomous Workspaces
- Enable the Software Defined Edge
- Accelerate AI innovation
Event Theme and Messaging (Rob Sims)
We cannot avoid the elephant in the VMware room - Broadcom. Neither did VMware at Explore, tackling the topic head-on with a video from Hock Tan the CEO of Broadcom (he was sat in the audience as well). I think many are wondering what the outcome of the acquisition will be and the impact on VMware and its 25-year history of innovation. For myself the message was clear, additional funding to drive making the multi-cloud a reality. Hock promised $2 billion of investment into VMware, with half going directly to R&D. If this comes to be true, we could see a real step change in the value of customer's investment into VMware licences.
Two key themes were promised for Explore - Generative AI & Multi-Cloud. I suspect these will continue to be the themes when VMware Explore comes to Barcelona in November!
On the topic of multi-cloud, the message was Cloud-Smart, which is fantastic from my perspective as it aligns perfectly with the CDW Right Workload | Right Platform belief. I have always maintained that every workload is different and should be executed in the most appropriate location to realise maximum business value. VMware Cloud-Smart is about finding the right infrastructure for every application but then tying it all together through common management, networking, and security. This message culminates in the technology advances in the portfolio with a focus on four key areas:
- Accelerate Application Delivery
- Modernise Cloud Infrastructure
- Deliver Autonomous Workspaces
- Enable the Software Defined Edge
Let’s dig into the announcements in each area and then circle back to the Generative AI topic.
Accelerate Application Delivery (Rob Sims)
VMware has been on a journey with the Tanzu branded modern application development platform. Over the last few years, a steady stream of updates has significantly increased the value of the platform. This year we have the announcement of the Tanzu Application Engine, a new component of the Tanzu Application Platform that will provide an abstraction layer between the underlying execution platform and the developers that wish to consume those services. The Tanzu Application Engine will ensure operational teams can focus on the things that matter to them like security, backup, and disaster recovery, while developers do not need to be concerned with such things, focusing on accelerating time to value.
Tanzu Application Engine is only in Beta release at this time, but looks like it could fill a gap in the stack and is worth keeping a close eye on. If you want to learn more about the Tanzu application Engine, have a read here.
Modernise Cloud Infrastructure (Rob Sims)
VMware Cloud is built on VMware Cloud Foundation (VCF) focusing on bringing cloud-like operations to the private datacentre, offering true choice to customers, and making the concept of cloud as an operating model, not a location, a reality. Continuing the innovation in this space we had five innovations announced at Explore, each taking VMware Cloud one step further into the future. Let’s review each in turn.
The evolution of storage in shared virtual environments has taken many twists and turns over the years, from the initial 3 tier concepts to modern Hyper-Converged Infrastructures (HCI). Each has brought its own advantages and disadvantages, but one challenge has always been balancing operational simplicity, performance, and capacity. Since VMware released Express Storage Architecture (ESA) in vSphere 8 last year, it was clear we could expect some new concepts and see the bridging of these challenges. vSAN MAX is the next step on this journey and provides a true disaggregated storage option that can reach PB scale, but with all the software-defined vSAN/ESA benefits that make management simple. In a nutshell, we can now deploy storage resources that are decoupled from the compute resources, allowing independent scaling. This leaves vSAN able to deliver in three core models: traditional vSAN HCI based ‘Traditional’, ‘Cross Cluster capacity sharing’ and now ‘disaggregated storage’ with vSAN MAX.
Infra Management - VCF .next
VCF continues to grow as the base platform for building private cloud architectures. The last 12-18 months have seen a series of releases addressing some core challenges for our customers, especially those in secure environments that are not internet connected. VMware claims a 31% YoY growth for VCF, stating it could be the "Fastest Growing Cloud". They talk lower cost, high resiliency, and enhanced security! As always, my view here is right workload, right platform, which means we take a balanced view on the use of Private and Public cloud architectures.
One of the key elements of VCF is the automation it brings at the time of upgrades, simplifying the minefield of interoperability and the time-consuming tasks that keeping the physical and virtual layers secure imposes. At Explore, VMware announced seamless in-place upgrades at 3x the speed, along with the ability to orchestrate these across a distributed deployment from a central control point. At the same time, many VCF tasks that used to take multiple steps have also been automated to increase operations speed and reduce overhead. These incremental steps being built into VMware Cloud Foundation are making a real difference to customers of all shapes and sizes.
A great upgrade to VCF coming later in 2023 will be support for the vSphere Distributed Services Engine (DSE), bringing support for Data Processing Units (DPUs) that will allow full stack infrastructure functions to be offloaded from the CPU to the DPU. Digging into DPUs right now would derail this article but consider the ability to have true bare metal performance, with all the rich services of a hypervisor. See the image below to understand the concept and reach out if you want to know more.
We cannot escape the reality of ransomware and the threat it poses to almost every organisation on the planet. When we look at the VMware portfolio, we can see several technology acquisitions that can align to help mitigate and recover from ransomware. Solutions like Endpoint Detection and Response (Carbon Black), NSX (Nicira & Lastline), VCDR (Datrium), and the core VMware Cloud Foundation platform technologies like vSphere and vSAN. At Explore, VMware announced some enhancements to the VMware Cloud DR (VCDR) and VMware Ransomware Recovery portfolios:
- Multi-VM Ransomware Recovery: At scale live behavioural analysis to accelerate time to recovery.
- Cybersecure Storage: Integration with native vSAN snapshots to deliver increased restore performance.
- Multi-Cloud Recovery: Now, or soon to, support Google Cloud VMware Engine and AWS Outposts workloads.
Combining the features of vSAN and Ransomware Recovery (with Carbon Black), enables an enhanced chance for rapid recovery.
More info on ransomware recovery can be found here.
Project NorthStar - NSX+ (Greg Van Der Gaast)
I have been following NSX for the last decade and how VMware has leveraged its capabilities to overhaul how we view networking, security, and automation. I think a 10-year NSX review article could be quite interesting, walking through all the innovations - watch this space! At Explore we have the announcement of NSX+.
NSX+ is a managed cloud-based service enabling networking, security, and operations teams to operate NSX from a single cloud console, with the capabilities across private and public cloud providers. Looking at the release notes we can see the core capabilities of NSX+:
- NSX+ Policy Management: Provides unified networking and security policy management across multiple clouds and on-premises datacentres.
- NSX+ Intelligence (Tech Preview only): Provides a big data reservoir and a system for network and security analytics for real-time traffic visibility into applications traffic all the way from basic traffic metrics to deep inspection of packets.
- NSX+ NDR (Tech Preview only): Provides a scalable threat detection and response service offering for Security Operations Centre (SoC) teams to triage real-time security threats to their data centre and cloud.
NSX+ promises to bring a SaaS based offering that covers the full networking stack from L2 through L7 with the ability to define a policy once and have it deployed across any cloud. If the reality is operationally feasible and it also offers the deep packet insights end to end it could be a game changer. The evolution of multi-cloud networking is something I am watching closely, as without a consistent network fabric we won’t be able to ever realise the true benefits that the Hybrid Cloud is promising. The cross-cloud capability that NSX+ is promising could be a massive step towards maintaining consistent security and networking.
One of the recurring themes that you will hear about security from CDW’s Office of the CTO is the importance of doing the fundamentals well, of a high quality of IT, and of tying things together in a holistic approach. We believe these are the cornerstones of a more inherent and sustainable security that can then be fortified by “security” technologies.
Case in point, if I were to ask people to name “security vendors” I doubt VMware would be among the first ten names to come up. And yet, some of the security features in NSX+ presented by Umesh Mahajan (SVP/GM NSBM, VMware) strike me as worthy of note when it comes to materially improving the inherent resilience of our organisations.
Let’s start with the consistency in networking and security operations NSX+ can bring by moving a lot of the logic and intelligence of networking, firewalls, and other network threat protection technologies into a common, and centralised, software level.
Consider that many organisations’ vulnerabilities are not necessarily due to a lack of capability but rather underutilisation and misconfiguration of those capabilities. The simplification and ability to drive consistency throughout the enterprise on offer here could notably increase the effectiveness of existing security investments.
Things get better still once you add the ability to link your network security rules not just to VPCs and virtual machines, but to modern application approaches such as containers and Kubernetes too.
The good news in the form of unified management doesn’t stop with those sub-elements within your cloud but extends to centralised visibility and policy management between multiple clouds too. NSX+ thereby helps people essentially manage one “multi-cloud” as opposed to having to manage multiple separate clouds somewhat independently with all the repetition, complications, and potential for error involved.
A personal favourite of mine is the discovery capability of “NSX+ Intelligence”. It's able to automatically map application topologies and data flows, spot associated network security issues, and recommend configuration options to remediate those issues which can be accepted and put immediately into place from the console.
Now it seems capable of largely replacing many manual security assessment processes, but it automatically documents your infrastructure, fixes, and final state, freeing up valuable time for security architects and teams in general to focus on issues elsewhere.
I for one look forward to seeing our customers leverage these powerful capabilities to innovate and deploy faster, stay safer, and perform better.
More info on NSX+ can be found here.
Make developer ready
Building on the automated principles of VMware Cloud, we had announcements at Explore 2023 for scalable Integrated container orchestration and API-driven VPC creation. Both features are designed to bring the cloud-like experience that developers love in AWS and Azure to the private cloud running on VMware Cloud.
We must not forget the battle to avoid the attack in the first place and ensure early detection and response capabilities are in place. This is when NSX comes into play with Network Detection and response (NDR), Intrusion prevention/detection, Micro-Segmentation, and malware prevention.
Deliver Autonomous Workspaces (Tim Russell)
Zooming in on VMware’s clear commitment to Digital End-user Experience (DEX), both in their Digital Employee Experience Management (DEEM) in Horizon and the DEX capability in Workspace ONE. With the acquisition from Broadcom looming, coming into Explore23 it wasn’t clear if VMware would still be firmly behind their DEX initiatives. There is no shadow of doubt in my mind now about VMware’s continued drive and support in this direction, especially when we align this to their autonomous workspace vision, initially shared at Explore 2022. In VMware’s own words, DEX is "delivering, measuring, analysing, and remediating experience across mobile, desktop, virtual, and frontline use cases”. It’s great to see mobile features here as this is not a capability in all DEX platforms. In the mobile DEX arena, VMware have now added Android battery and Network analytics, something I would imagine is most welcome for the customers who have a reliance on both a large mobile and tablet device base who utilise the Android OS.
When we look at the Workspace ONE stack and its position to the anywhere workspace platform, it offers enablement of hybrid and frontline workers, and with the announcement for support of third-party managed devices from VMware, this now removes the requirement to have a device also managed by Workspace ONE, enabling the utilisation of Workspace One DEX capabilities alongside Intune and other vendors, as mentioned in VMware’s own Blog.
I would recommend if you get the chance to look at the VMware Explore Video. In this video we can see Marshall Anne Busbee demonstrating how Guided Root Cause analysis supports service desks with faster resolution times, an ability to take repeatable fixes and move these to automatic, proactive fixes in the management platform. The DEX insights utilise VMware’s Next-Generation Insights in the Workspace ONE Intelligent Hub to drive this capability.
The creation of remediation playbooks was a compelling story, and one case that was demonstrated I found of particular interest; a user suffering a sub-optimum experience on a Windows OS device could be directed to a ‘ready to go’ VDI experience on an iPad while the Workspace ONE solution could rectify a Windows OS issue, before prompting the user to return to the Windows OS once the issue was resolved. The ability to prevent loss of productivity in this scenario and tie in the application availability from Tanzu really impressed me. I appreciate there is a level of investment required to get to this stage but for businesses who fully embrace the concept of continuity for hybrid workers, this is a robust and highly intelligent solution.
In the EUC presentation given by Marshall Anne Busbee (Director of Product Marketing at VMware), it was clear in the approach VMware have adopted. Marshall went on to talk about how our employees should be central and not a second thought in our strategies - VMware want to be able to give people seamless access to their tools and increase productivity and talent retention through improved DEX. These all tie in very closely to the trends I have been talking about for the last few months and the conversations I have been having with customers and suppliers; it’s great to see VMWare making a concerted effort to address these capabilities and focus on the importance of people. With the DEX solution, there was also talk of expanding out to new data sources and improved SaaS Service availability, such as:
- Next-generation insights include: UEM, Frontline and Horizon
- More data will be used to drive improved playbooks
- Learned data will be used over time to improve quality
In another session, the SVP and GM of EUC, Shankar Lyer, talked to Kristina Ross of Boeing who shared her story of how VMWare and DEX is changing the experience, innovation, and productivity of their users. Digital End-user Experience is nothing new, but as Kristina and Shankar went on to discuss, it has made a material difference to Boeing and enabled them to ensure that their recent investments in Horizon and Workspace ONE are being fully realised.
The rapid change to working environments we have seen over the last few years gave rise to very real concerns around health and wellbeing. With productivity among those separated from the legacy shared working environments through remote and hybrid working regularly being a point of discussion. Hearing Kristina talk of the positive changes delivered through adopting DEX was an exact reflection of the conversations I have been having with other customers. The value of employee wellbeing and productivity are directly linked to the digital and physical experience of both the remote and hybrid workspaces. When employees are out of line of sight, it has been hard to track how they are handling remote working; digital employee experience is one of the tools available to directly support positive working environments for employees; this in turn reinforces talent retention and ultimately protects productivity.
If you want to read more on this topic:
Enable the Software Defined Edge (Rob Sims)
We look for more adoption of Edge technologies, either at the far edge with sensors and other IoT use cases or as part of a near-edge deployment with AI capabilities or private 5G networks. Managing these distributed infrastructures is becoming complex and threatens to be the next wave of Technical Debt. As we noted at Dell Technologies World earlier in the year (with Dell NativeEdge) we are seeing more solutions enter the market to tackle this rising complexity. At Explore, VMware announced VMware Edge Cloud Orchestrator as the culmination of last year's announced Project Keswick. It will be interesting to see how these new technologies get adopted in real-world deployments in the coming years. Combining the management of VMware SASE and VMware Edge Compute Stack into a single management console for compute, networking, and security to create the software-defined edge (VMware likes software-defined things).
The promise is the ability to orchestrate and secure the deployment of VM and container-based applications at the edge, enabling Edge native applications and the data insights they can unlock. Here is a summary of the capabilities:
- Right-sized infrastructure platforms for edge applications
- Pull-based orchestration using your GitHub as the source of truth
- Network programmability to ensure automated deployment and security through zero trust
- When combined with VMware SDWAN it will offer application awareness combined with visibility and analytics
- Rapid scaling and unified management for large-scale edge deployments.
As with most of these things, we have a few product name changes that are worth knowing.
- VMware Edge Cloud Orchestrator: Formerly called VMware SASE Orchestrator, VMware SD-WAN Orchestrator, VeloCloud Orchestrator
- VMware Edge PoP: Formerly called VMware SASE PoP, or VMware PoP
- VMware SD-Access: Formerly called VMware SD-WAN Client
If you want to learn more on this topic, please take a look at the Scale your Edge Infrastructure with VMware Project Keswick - Quick Overview video. There is also a great article about Managing the Software-Defined Edge with VMware Edge Cloud Orchestrator.
Accelerate AI innovation (Rob Sims)
Artificial intelligence (AI) and Generative AI will go down as the topics of innovation in 2023 (and likely into 2024), which is not surprising as VMware quotes a Mckinsey statistic that GenAI will generate $4.4T of economic value every year! As we progress through 2023, we are seeing more vendors adding their take on Private AI infrastructures, from Dell Project Helix, Nutanix with GPT-in-a-Box, and Nvidia with DGX (around before 2023). Now we have the VMware flavour to add to the melting pot - VMware Private AI Foundation with NVIDIA (catchy name...). It was positive to see VMware talking about the wider challenges of AI from a legal implication’s perspective not just technology.
VMware General Council, Amy Olli, highlighted some challenges they have been dealing with internally. These focused on data privacy, for example, Intellectual property risk and questions like "who owns the data and has rights to the data?" - questions that all customers will be asking and without clear answers could lead to limited value being extracted from AI. VMware AI Labs was formed a year ago to allow lawyers and techies to work together on solving these challenges. This is the group that formed the VMware Private AI architecture that led to the VMware Private AI Foundation with NVIDIA. While it is clearly self-serving to 'solve' the legal challenges with a private cloud solution it does make a lot of sense, we are seeing many AI projects born in the cloud that struggle to be financially viable at scale! When we consider that most data gets generated at the Edge, we don’t want to be moving that to the cloud to process. This makes the future of AI a true multi-cloud challenge!
As you can see from the image below VMware Private AI Foundation with NVIDIA is a large undertaking and deserves its own full write-up later. Please do reach out if you want to discuss how to scale and operationalise your AI outcomes - at CDW we are combining our internal experts with partners to help our customers navigate the complex AI landscape. Now we have VMware as another string to our bow.
The innovation coming from VMware over the last couple of years has been a pleasure to watch. The drive to simplify and automate the reality of the hybrid multi cloud world, modern application development and security is providing a real value proposition that surpasses the heritage of vSphere on its own. I think we all look forward to digging into the reality of these announcements and seeing some real-world use cases come to life. Keep an eye out for more deep dive content from the CDW Office of the CTO on the topics highlighted in this article.
Just to recap, the main message from Explore is Cloud-Smart and VMware focused on five key areas of innovation that spanned the entire portfolio.
Also please tune into Kyle Davies, our own Head of the Office of the CTO, for all the info on the VMware Tech Showcase announcement VMware Explore - VMware Tech Showcase