With VMworld 2019 there were some very exciting updates and announcements that have once again put VMware firmly at the centre of innovation. Asystec were there in force with our customers soaking up the keynotes, breakout presentations and the 1:1 specialist customer meeting’s. Read on where Asystecs Jonathan D’arcy, Kevin Stanford and Ciaran Cooney share their key takeaways.
This year VMworld was even bigger with 14,000 attendees with the focus very much about multi-cloud operations and a “run all the things” approach with an impressive technical focus. The theme was “make your mark” and Asystec certainly did that and immensely enjoyed learning, networking and most importantly spending time with our fantastic customers.
VMware’s strategy was laid out and based on 5 key pillars that include build, run, manage, connect and protect across any app, cloud and device.
Day 1 keynote started with Pat Gelsinger (VMware CEO) presenting an interesting statistic that in 2009 in the global workforce there were 5 million app developers (52 million apps in the world) and now in 2019 in the global workforce there are 13.5 million app developers (335 million apps in the world). The expectation is that this number will double over the next 5 years. As Pat put it this is the “fastest day of tech evolution in our lives, but also the slowest day of tech evolution in our lives”.
This set the stage for the requirement for organisations to build platforms that accelerate creating consistent modern development platforms while at the same time easing operations and increasing innovation.
Joe Beda (One of Kubernetes founders and now working with VMware) joined Pat to speak about the exciting Project Tanzu, Project Pacific and Pivotal and how these technologies lay the highway for these modern development infrastructures. VMC on AWS, AWS outposts and Cloud Foundation were discussed as the living infrastructure and as the fabric by which modern platforms are stitched together.
Day 2 keynote was presented by Ray O’ Farrell (VMware CTO and Limerick man!) and Joe Baguley (VMware CTO EMEA) and was very interesting as was demo focussed and took us through an example organisation that needs to “build, run and manage”. Joe Baguley talked through the new VMware technologies that build, run and manage using Spring, Bitnami and then Tanzu to manage Kubernetes clusters across any cloud. Project Pacific was then demo’d showing how vSphere can run a supervisor speaking to Kubernetes that is embedded into the core of vSphere, essentially creating namespaces side by side with traditional VM’s. Kubernetes pods are optimized and lightweight with interesting integrations such as kubelet being named vSpherelet for project pacific. For “Connect & Protect” NSX Intelligence was demo’d showing plan & troubleshooting capabilities by leveraging analytics that intelligently show security anomalies and intrusion detection. AppDefense was then shown in conjunction with VMware’s soon to be acquired Carbon Black for intrinsic learning and whitelisting of known good security posture. CloudHealth and Wavefront were showcased for multi cloud spend, economics, governance and control of consumed cloud resources. From an “Experience” perspective an exciting new Horizon Administrator was debut where a catalogue of clouds whether on premise, VMC on AWS or Azure are available to deploy desktop images to and administered from a central location. Finally, Bitfusion was discussed with it seen as a technology to use with vSphere in the machine learning and artificial intelligence space decoupling physical resources from physical servers.
A breakdown of the main announcements are as follows:
End User Computing:
- Verify Integrated is Workspace One’s MFA and is now integrated into Workspace One Intelligent Hub eliminating the requirement for a separate authenticator app. When an application is now set to require MFA a notification is sent in Intelligent hub requesting the user to authenticate via the devices local biometric which then launches the app if approved. This significantly streamlines the process and, in many ways, Verify is Workspace One’s hidden gem that’s not talked about enough in my opinion.
- Carbon Black is being integrated everywhere in the VMware strategy and Workspace One is no exception, with CD Defense next-gen anti-virus and behavioural endpoint detection it will send detected threats to Workspace ONE Intelligence for analytics. It’s interesting where this may go, wouldn’t it be amazing if intelligent hub was pushed to a device and it automatically deployed CB Defense for auto config and protection?
- HID Global VMware has created a partnership with HID Global who provide physical access management systems to streamline new employee experience. With Workspace One’s strategy to start with the employee this is an interesting partnership. The idea is to remove the traditional way of new employees waiting for devices and systems to be provisioned (after they have started in an organisation) to having it much more zero touch from signing their employee contract to getting up and running with automatic maps to their desk location and application provisioning fully automated. VMware feels that HR departments should be more involved with user onboarding and therefore the HID partnership will presumably allow new starters to have physical office access ahead of starting and more.
- Workspace One Intelligence Orchestration Workflows There was interesting announcement regarding new orchestration workflows introduced for Jira Service Desk, BMC Remedy Service Desk, and PagerDuty. These workflows further the automation and tracking of compliance and remediation events.
- MSFT Endpoint Management As part of MSFT’s endpoint management for Windows 10 Workspace One will include employee onboarding workflows, digital employee experience management, proactive troubleshooting of IT issues and consistent access to enterprise services and Microsoft Endpoint Manager-managed apps. Presumably with the acquisition of Aetherpal for remote management it will be included in this offering.
- Zero Trust I attended a session run by Peter Bjork on zero trust and a customer (Adobe) that had implemented this strategy. The start of this was based on Google’s Beyond Corp and how they applied zero trust to never trust, always verify and the session proceeded to talk about how Workspace One can apply this by using the products within the portfolio and also leveraging a true identity provider such as Okta or Ping. The solution means users are always validated, risk assessed, and access granted but on a constant basis and not the traditional method of “this machine is connected to the domain and the user is in AD” concepts. An excellent blog can be found here on how Adobe achieved this https://www.adobe.com/content/dam/acom/en/security/pdfs/Adobe-ZEN-WP.pdf
- AppDefense + Carbon Black was showcased on day 2 in the keynote. Carbon Black really adds to VMware’s drive forward of disruption in the security industry by making security intrinsic, living within the software defined infrastructure and not bolted on. An example of this is the service defined firewall combining AppDefense with NSX to compartmentalize and protect known good applications.
- NSX Distributed IPS/IDS is taking NSX micro segmentation to Layer 7 of the service defined firewall. Traditionally with NSX to do IPS/IDS traffic would be “steered”, creating “hairpinning”to IPS/IDS appliances. With this new announcement this feature will live within the kernel making this a significant step forward in simplifying the networking security landscape. This in conjunction with NSX Intelligence is some offering!
vRealize Automation Evolution:
VMware vRealize Automation 8 and vRealize Automation Cloud use the same codebase therefore you will get the same experience with both although releases with vRA Cloud will be more frequent than vRA8. Some highlights:
- delivers an entirely new HTML 5 user interface
- built on a modern container-based microservices architecture.
- Improves support for VMware Cloud on AWS, native Amazon Web Services, Microsoft Azure, and Google Cloud Platform
There is a migration check tool available to check compatibility for moving to vRA8 and coming next year will be an actual migration tool. This will smooth the transition for users already running current vRA versions.
Dell have announced earlier this year a DR as a service. Customers will be able to replicate to a Dell MSP facility removing the need for customers to have their own separate DR site.
Currently they support PowerMax, Unity, Isilon.
VMware announced further expansion of its Project Tanzu portfolio of products & services. Tanzu is aimed at accelerating enterprise adoption of Kubernetes. VMware also announced a beta programme for both Tanzu Mission Control and Project Pacific.
- Tanzu Mission Control manages multiple Kubernetes clusters from a single control point regardless of where they are running. The platform will allow customers to set policy for access, back-up, security and more to individual clusters or groups of clusters across environments.
- Project Pacific integrates VMware vSphere and Kubernetes. It will enable vSphere admins — using the tools they already know — to deploy and manage Kubernetes and container infrastructure anywhere VMware vSphere runs—on-premises or in a hybrid cloud. As well as this, developers can manage application services and deployment using the Kubernetes tools they are already familiar with.
Project Pacific will also include integrated container networking via NSX-T, simplifying Kubernetes design, deployment & management, as well as integrated cloud-native storage, allowing developers to provision vSphere-supported storage on demand.
Multi-Cloud for service providers:
- Multi-Tenancy in VMware Cloud on AWS: Cloud Director service brings multi-tenancy to VMware Cloud on AWS via vCloud Director – Vmware’s industry-leading multi-tenancy and service-delivery engine. This will allow service providers to provide pools of VMware Cloud on AWS resources to small and medium-sized customers that may be just starting out on their hybrid cloud journey. Cloud providers can now leverage the global scale of VMware Cloud on AWS availability zones to expand their cloud footprint to new geographies, customers, verticals, and lines of business as required.
- Project Path: Project Path is a unified, developer-ready platform that aims to accelerate cloud service-delivery by simplifying operations across both VMware-based clouds and public clouds. It aims to help cloud provider partners expand from infrastructure services to turnkey cloud platforms that are developer-friendly.
- Bitnami: The entire Bitnami Community Catalog is now available to VCPP partners to deliver to their end-customers’ virtual Datacentres and organisations within vCloud Director. Bitnami provides customers with access to a rich set of pre-packaged workload solutions such as developer tools, databases and network & security packages. With Bitnami, Cloud Providers can now attract developer workloads into their clouds and manage them with vCloud Director.
Cloud Provider Hub:
VMware announced the addition of VMware vRealize Automation Cloud (formerly CAS or Cloud Automation Services) to the Cloud Provider Hub. Comprised of three services—Cloud Assembly, Service Broker, and Code Stream—cloud providers can use these offerings to provide new application and developer services to their customers by helping them define, aggregate and deploy applications across clouds.
And that wraps it up for another year!
VMWORLD UPDATE BRIEFING
It’s an exciting time to be in the industry and with so much technology present and in development it can be overwhelming to know where to start.
We find the best way to do this is have our customers join us in our briefing centres in Dublin, Limerick and Cork, hear about our customer successes and together we can define your desired business outcomes and path to competitive advantage. We are currently putting together a VMworld Updates Briefing which we can tailor around your interests.