Security is broken, says VMware CEO
30 August 2018 | 0
The security market is broken because ‘the industry got it wrong’ when consistently trying to bolt-on protection to technologies and solutions.
This is the view of Pat Gelsinger, VMware CEO, when delivering the opening address of VMworld 2018 in Las Vegas.
“Thinking about our security spend, we’re spending more and we’re losing more,” said Gelsinger, when speaking to more than 25,000 attendees. “We believe that we need to have much less security products, and much more security.”
“We simply believe the security model needs to change and move away from ‘bolted-on to chase bad’ to an environment that has intrinsic security and is built to ‘ensure good’. This idea of built-in security, we’re taking every one of the core VMware products and building security directly into it,” Pat Gelsinger, VMware
Pondering this point, Gelsinger questioned the notion of a market which builds generic infrastructure, and then deploys multiple applications against a daily influx of threats, asserting the model needs to change.
“We simply believe the security model needs to change and move away from ‘bolted-on to chase bad’ to an environment that has intrinsic security and is built to ‘ensure good’,” Gelsinger explained. “This idea of built-in security, we’re taking every one of the core VMware products and building security directly into it.
“We believe through this we can eliminate much of the complexity and many of the sensors, agents and boxes and directly leverage the mechanisms in the infrastructure. We’re using that infrastructure to lock it down and behave as we intended it to, to ‘ensure good.’”
Gelsinger said this approach is not about chasing security threats, but rather radically reducing the attack surface.
During VMworld 2018, the software specialists revealed a string of updates to its hybrid cloud portfolio of infrastructure and management software, including the new vSphere Platinum Edition; an updated release of vSAN and refreshes to cloud management platform, VMware vRealise.
Delving deeper, vSphere Platinum aims to provide “comprehensive security” to protect applications, infrastructure, data and access.
The offering combines vSphere’s native security capabilities with VMware AppDefense, resulting in the delivery of advanced application security features fully integrated into the hypervisor.
“The reason we’re doing this is to focus on the idea of creating the world’s most secure environment and having very strong security capabilities,” added Mike Adams, senior director of cloud platform product marketing at VMware.
“We’re now adding a secure layer to the application, which makes sure that the VM that launches, is exactly the way the vSphere admin, wanted it to be, and there’s no deviation from it.
“Security starts at the foundation, and the foundation of what we do is vSphere. So bringing together vSphere and App Defence in a way that is integrated into the GUI, like we’ve never done before, makes a lot of sense.”
Monitoring, detection and response
With machine learning and behavioural analytics, Adams said vSphere administrators can deliver more secure applications and infrastructure, offering visibility into VM intent and application behaviour as well as accurate threat detection and response.
To help on-premises vSphere customers get kick started into VMware Cloud on AWS, customers that purchase a minimum of five vSphere Platinum Edition licences will also be eligible to receive credits (one per customer, worth $10,000) that can be applied to the service.
VMware has also released an update to vSphere 6.7 Update 1 providing fully-featured HTML5-based vSphere Client to help admins manage virtual infrastructures, while increasing support for intelligent workloads with vMotion and snapshot capabilities for NVIDIA Quadro vDWS powered VMs.
According to Adams, the vSAN 6.7 Update 1 will make it easier for customers to adopt HCI through simplified operations, efficient infrastructure and rapid support resolution, alongside reducing maintenance operations time with built-in intelligence capabilities.
Through the ‘Quickstart’ guide admins can spin up new HCI clusters faster – it will also decrease time-to-resolution with granular diagnostic tools and historical data to better support HCI environments.
A new private beta programme for vSAN has also been revealed to gain feedback on potential ways to further simplify the data centre through native data protection, file services, and cloud-native storage capabilities.
New releases across the vRealize Cloud Management Platform aim to help customers automate and standardise how their digital foundation is operated across hybrid cloud environments and consumed by developers for VM- and container-based application development.
The platform helps customers address three key use cases: self-driving operations, programmable provisioning, and application operations.
With a new UI, vRealise Automation 7.5 will enhance configuration management use cases and offer Kubernetes cluster management via VMware Pivotal Container Service (PKS) integration.
Furthermore, the offering will also feature enhanced AWS and Azure support, enabling IT to better serve broader developer team skill sets and application types.
Following a host of product updates, VMware also extended NSX multi-cloud networking and security to more clouds and environments, with support for workloads running in AWS, Azure, VMware Cloud on AWS, and on-premises software-defined data centres, and both Linux-based and containerised workloads running on bare-metal servers without a hypervisor.
Adams said a new support for NSX-T Data Centre in vRealise Network Insight 3.9, provides customers with ability to accelerate micro-segmentation planning and deployment, plan application migration, and gain operational views to manage scale and compliance for VMware NSX deployments across clouds.
IDG News Service