November 5th, 2019 by Adam Armstrong
VMware Makes Several Product & Partner Announcements At VMworld Europe 2019
Today at VMworld Europe 2019 in Barcelona, VMware Inc. made a slew of announcements around various products and partnerships. The product announcements include security updates, new features for Workspace ONE, and a new teclo cloud orchestrator, Project Maestro. On the partner front, VMware is deepening its relationships with AWS and Microsoft.
Security is on everyone’s mind and VMware is working to make it more automated and intrinsic. To this end VMware made several security announcements including:
- Dell will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers
- New VMware NSX Distributed Intrusion Detection and Prevention
- New VMware NSX Federation for consistent, centralized network and security policy configuration and management for large-scale NSX deployments
- Enhanced VMware SD-WAN branch firewall performance, flexibility and usability features
- VMware Secure State updates that reduce public cloud risk and improve security posture
- A new Zero-Trust security architecture for the digital workspace
VMware acquired Carbon Black last month and since has launched its own security business ran by Carbon Black’s former CEO, Patrick Morley. Carbon Black focuses on endpoint and workload protection as well as advanced cybersecurity analytics. VMware’s Carbon Black solutions will include:
- Carbon Black Endpoint Standard: Next-generation antivirus combined with endpoint detection and response
- Carbon Black Endpoint Advanced: Carbon Black Endpoint Standard combined with real-time endpoint query and remediation
- Carbon Black Endpoint Enterprise: Real-time endpoint query and remediation combined with advanced threat hunting and incident response
- Carbon Black Workload: new advanced cloud workload protection add-on for VMware vSphere
- VMware Workspace Security: combines best-in-class behavior threat detection, next-generation antivirus, and digital workspace analytics and remediation solutions
- Carbon Black Endpoint Standard with Secureworks Threat Detection and Response: combines best-in-class next-generation antivirus and endpoint detection and response with an advanced security analytics application, expanding security telemetry beyond the endpoint and into the network and cloud
VMware is rolling out NSX Distributed intrusion detection and prevention (IDS/IPS). The company states this will take the NSX platform’s Layer 7-capable internal firewalling to a whole new level. The company is taking a proactive stance on the risk of public cloud management with VMWare Secure State. Secure State is said to provide deep visibility into cloud service relationships and correlates risk due to misconfigurations and threats across multi-cloud infrastructure.
VMware announced that it is rapidly advancing Tanzu, the company’s portfolio of products and services designed to transform the way enterprises build, run and manage software on Kubernetes. The advancements include:
- VMware Tanzu Mission Control—a single point of control from which customers will manage all their Kubernetes clusters regardless of where they run
- Project Pacific, focused on transforming VMware vSphere into a Kubernetes-native platform. By utilizing innovations from both VMware and Pivotal, VMware is positioned to deliver the most comprehensive enterprise-grade, Kubernetes-based portfolio for modern applications—helping customers to succeed at each step of their cloud native journey.
VMware Workspace ONE
VMware has enhanced its Workspace ONE to deliver “Day Zero” employee experiences. This is said to improve employee experiences and security from the first day to retirement. Other security features to Workspace ONE include:
- Device Management and Compliance: Workspace ONE Unified Endpoint Management (UEM) enables customers to manage all devices – mobile, desktop, rugged and IoT – across all platforms from a single console;
- Conditional Access: Workspace ONE Access is the conditional access engine, supporting customers’ existing identity infrastructure, and leverages continuous verification of compliance provided by Workspace ONE UEM and Workspace ONE Intelligence analytics. Workspace ONE Access also can invoke step up multi-factor authentication as dictated by policy;
- App Tunnel and Proxy: Least privilege access to on-premises applications is enabled via cross-platform VMware Tunnel and Unified Access Gateway (UAG) and/or by enabling virtual application access with VMware Horizon. Virtualization inherently protects the application infrastructure and can be accessed via UAG edge services;
- Intelligence Risk Analytics: Launched at VMworld 2019 U.S., Workspace ONE Intelligence now offers user and device risk scores – quantifiable scores based on multiple risk attributes that can be used within conditional access policies and to initiate automated remediations; and,
- Automated Remediation & Orchestration: Workspace ONE Intelligence enables automated remediations and orchestrates workflows across critical ITSM investments for ticketing, notifications, and other actions.
VMware Project Maestro
VMware announced its new teclo cloud orchestrator, Project Maestro. This orchestrator aims to help communications service providers (CSPs) accelerate the time to market of modern network functions and services across clouds, from core to edge, and from private to public clouds. Project Maestro is stated to deliver a unified approach to modeling, onboarding, orchestrating, and managing virtual network functions and services. Benefits include:
- Accelerate time to revenue: Accelerate service time-to-revenue with a simplified vendor-neutral and standard-compliant approach for designing and onboarding VNFs/CNFs or network services.
- Automate operations with multi-cloud agility: Embed true cloud agility to operationalize processes with full lifecycle management automation capabilities. CSPs will be able to define and apply policies using a comprehensive decision engine to automate day zero through more complex day two operations.
- Enhance customer experiences: Deliver a new level of experiences with adaptable and resilient services. The solution will combine real-time decisioning capabilities with holistic Telco Cloud awareness for optimal close-loop actions that help deliver improved service quality. Furthermore, the telco cloud orchestrator will automate the distribution of network functions and service workloads across data centers and availability zones for optimal service quality and better resiliency.
- Transform to cloud-native networks: Evolve network architectures from OpenStack infrastructure to containers-based applications with seamless on-boarding and orchestration of VMs and container-based infrastructure for a future-proof service delivery foundation. Distribute workloads from the core to the edge and from private to public clouds for modern, unified network orchestration.
- Streamline orchestration: The telco cloud orchestrator will streamline the CSP orchestration journey with native integration into VMware cloud technologies and Virtualized Infrastructure Managers (VIMs) for operational consistency and ease of deployment while maximizing infrastructure resource utilization.
- Simplify interoperability: Built as a modular and model-driven solution, the Generic VNF Manager (G-VNFM) and NFV Orchestrator (NFVO) components of the solution will be able to integrate any SOL-compliant ETSI MANO architecture. Project Maestro will allow standards-based integration with OSS/BSS systems and Service Orchestrators through ETSI- and TMF-compliant interfaces. VMware will further enhance interoperability by expanding partner VNF certifications to cover infrastructure and orchestration through the VMware Ready for NFV program.
VMware & AWS
The company announced VMware Cloud Director Service, a multi-tenancy service for VMware Cloud on AWS; this will be a SaaS version of the company’s popular and proven VMware vCloud Director service-delivery platform. For VMware Cloud on AWS, VMware is expanding its reach with the launch within AWS EU (Stockholm) region. Other cloud offerings VMware launched include:
- VMware vCloud Availability 3.5: this update delivers new innovations that help partners offer a compelling, cost-efficient DRaaS solutions by simplifying disaster recovery, lowering operating cost and delivering critical business resiliency. It provides additional data protection at scale, simplified enterprise application mobility and faster recovery with VM grouping and intelligence.
- Expansion of VMware Cloud Provider Hub Services: with the addition of VMware vRealize Automation Cloud, which is comprised of the Cloud Assembly, Service Broker, and Code Stream services, providers can offer application and developer services to customers by helping them define, aggregate and deploy applications across clouds. Cloud providers also offer CloudHealth by VMware to help customers collaborate across lines of business to make more intelligent decisions related to cost management, security, and governance while scaling their multi-cloud environments.
- VMware vCloud Director / Bitnami Community Catalog Integration: Bitnami Community Catalog is now available from VMware Cloud Providers to customers through vCloud Director. Bitnami provides customers with access to a rich set of workload solutions such as developer tools, databases and network and security solutions. These pre-packaged solutions form the building blocks of new applications and can shorten the “builder’s journey” – an end-to-end process that tracks an application’s lifecycle from initial requirements to going live. With Bitnami, Cloud Providers can now attract developer workloads into their clouds and manage them with vCloud Director.
- New VMware Cloud Provider Pod on Dell EMC: Dell EMC infrastructure is now certified for VMware Cloud Provider Pod with configurations that can be easily tailored to cloud provider customer requirements, including new Dell EMC VxRail and Dell EMC vSAN ReadyNode for SAP environments. Targeted Cloud Provider Pod support will include Hyperconverged Infrastructure (HCI), Converged Infrastructure (CI) and vSAN ReadyNodes. With these new Dell EMC offerings, business critical applications such as SAP HANA can now take advantage of higher performance and resiliency to drive business continuity and operational simplicity.
VMware & Microsoft
VMware has also deepened it partnership with Microsoft. Together the two companies announced:
- A new combined solution featuring VMware Workspace ONE and Microsoft Endpoint Manager to accelerate Windows 10 modern management; Further global expansion of the Azure VMware Solutions hybrid cloud service, with new advanced cloud migration capabilities delivered through VMware HCX;
- Certification and support for Microsoft SQL Server 2019 on VMware vSphere running in customer data centers; An intent to collaborate to deliver the best customer experience for Azure Data Services on VMware cloud infrastructure; and, Extension of Azure to branch and edge environments with VMware SD-WAN by VeloCloud.
The new VMware Carbon Black Cloud solutions, new VMware SD-WAN branch firewall capabilities, and VMware Secure State Findings API are expected to be available in VMware’s Q4 FY20 ending January 31, 2020. VMware NSX Distributed IDS/IPS and VMware NSX Federation are expected be in Beta in Q4 FY20.
VMware vCloud Availability 3.5 and VMware vRealize Automation Cloud for Cloud Provider Hub are expected to be available in VMware Q4 FY20 ending on January 31, 2020. VMware Cloud Director is expected to be in beta in Q4 FY20