VMworld, Day 2: the Network Is the Thing

SAN FRANCISCO, Aug. 27– As is typical for day two of VMworld, the keynote session focused less on VMware product announcements and big vision statements, and more on the practical side of its portfolio.
The day one keynote was all about Kubernetes and containers. Today’s keynote was more admin-focused, with more product demos and under-the-hood upgrades. The most interesting things from a technical standpoint were the networking enhancements, specifically regarding NSX, VMware’s software-defined networking solution.
NSX has become one of VMware’s most important products, and it got a big boost with “NSX Intelligence,” which significantly advances its security abilities. VMware CTO Chris Wolf sees three primary use cases for NSX Intelligence:

  • Automate micro-segmentation and firewalling at scale
  • Demonstrate and maintain policy compliance
  • Simplifying security incident troubleshooting

Another upgrade to NSX announced was the VMware NSX Advanced Load Balancer. VMware says it’s a distributed load balancer built for the cloud, with an architecture that mirrors cloud principles. It combines a software load balancer, intelligent web application firewall and advanced analytics and monitoring. VMware says it will be faster, more scalable and more secure than current offerings.
A VMware press release said this about NSX Advanced Load Balancer: “The solution’s central control plane and distributed data plane deliver application services as a dynamic, multi-cloud fabric which intelligently automates decisions and provides unprecedented application analytics and on-demand elasticity.” The key takeaways from that are the distributed nature of the data plane and on-demand elasticity. Those are, of course, core cloud concepts, and shows just how far down this path VMware is headed. It’s essential to doing cloud computing right, as the added complexity of the cloud, which is turned up to 11 when talking about multi-cloud scenarios, demands more automation.
In addition, NSX-T gets a version upgrade. (NSX-T is the version of NSX for use in non-vSphere-specific settings, like hybrid cloud, public cloud, and so on.) The new features in NSX-T revolve largely around increased security. Chief among these features is a Native Cloud Enforcement mode that allows organizations to better secure public cloud workloads using native cloud security controls.
Networking, always a dense, complicated topic, is only getting more so in the cloud and container era. Things like microsegmentation, which is becoming increasingly seen as a must-have for proper security, are part of that. Cloud-native development focused on microservices is another. All these things put more strain on the network, and open more avenues for attack from bad actors. That’s why it’s more imperative than ever that your network be robust and secure. The NSX improvements announced today will help you get there.