VMware touts multicloud networking, security, management upgrades

VMware is adding SaaS features for its NSX core networking software, and announcing VMware Aria cloud-native management service.


VMware is looking to ease the networking, security and management hassles of running enterprise multicloud environments with a raft of new products introduced at its VMware Explore 2022 conclave in San Francisco this week.

The new products include a SaaS-based upgrade for the company’s core networking software, NSX, as well a new cloud-native management service, VMware Aria, and integrated security features.

The driving idea behind all of the new products is to simplify the growing complexity of the network architecture connecting multicloud applications and their services, said Tom Gillis, senior vice president and general manager at VMware. That’s because VMware research shows 580 million workloads are expected to run on diverse, distributed environments spanning public cloud, on-premises, edge, telco clouds, and hosted clouds by 2024.

Project Northstar: Simplifying networking

At the heart of the this network-simplification strategy is a service VMware previewed at the conference called Project Northstar. It will offer a on-demand multi-cloud networking and security services, end-to-end visibility, and controls, Gillis said. 

From a central console customers will be able to turn up networking and security services across private cloud and VMware Cloud deployments running on public clouds. It will include services such as Network Detection and Response, NSX Intelligence, advanced load balancing, Web Application Firewall, and Hybrid Cloud Extension (HCX), which can move workloads between multiple on-premises environments.

The NSX Intelligence service within Northstar will offer a real-time view of each customer’s multi-cloud environment. “The NSX Intelligence service [is] powered by a scalable data lake, managed by VMware, that can absorb vast amounts of traffic flow data and provide recommendations for network and security policies across multi-cloud deployments. Visualization tools provide real-time multi-cloud traffic and security visibility,” according to Umesh Mahajan senior vice president of NSX, Data Center Product in a blog about the new service.  

Network Traffic Analysis will also provide insights on threats and behavioral anomaly detection, he stated.

In addition, Network Detection and Response service will provide scalable threat detection and response for workloads deployed in private and/or public clouds, Mahajan stated. “The NDR correlation engine will analyze [intrusion detection and prevention systems], malware, and anomaly events based on threat campaigns, which helps in preventing alert overload and simplifying security operations-monitoring processes,” he wrote.

“We are doing in software all of those rigid, expensive, proprietary services that hardware appliances did in the past,” Gillis said.

Northstar is a step forward for NSX customers experts said. While many of these services were available to NSX customers today hosted on-prem and in VMware Cloud on AWS, Project Northstar represents a major strategic shift to deliver these services across on-prem, hybrid, and multi-cloud environments via a SaaS delivery model.

“Northstar is a cloud-based management plane for NSX. So it simplifies running NSX since the management software is delivered as a service,” said Andrew Lerner, vice president at research firm Gartner covering enterprise networking. “For existing VMware customers this also enables consistent management from a single instance, versus separate disparate consoles.”

Aria management service

On the management front, VMware rolled out Aria a service aimed at helping customers manage multicloud environments. 

Using Aria Graph, a cloud-scale data-store technology, the platform captures the details of multi-cloud environments, including applications, users, configurations, and associated dependencies.

The service also integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth onto a single console, the VMware Aria Hub. Now in beta, it provides centralized views and controls and lets customers see and manage the entire multi-cloud environment.

For network operations, Aria will include the ability help run applications more smoothly by finding the cause of delay based on TCP traffic latency and retransmissions by triggering alerts on the applications dashboard. It will  also include an easier way to compare application behavior across different device vendors on the infrastructure, according to VMware.

An application dashboard will help identify those applications whose performance needs attention, VMware stated.

vSphere version 8 supports DPUs

VMware had some other big announcements at the conference. Those included a new release, version 8 of its flagship vSphere virtualization and vSAN hyperconverged software packages.

Key to the vSphere 8 release is the inclusion of support for Data Processing Units (DPU)—programmable networking devices designed to free-up CPUs for better performance in software-defined cloud, compute, networking, storage, and security services.

VMware CEO Raghu Raghuram said during his keynote that the new release was in development for two years, and it will ultimately let customers support a variety of CPUs, DPUs, and GPUs from a single compute infrastructure.

“vSphere is going to be the singular platform that allows you to deploy and manage workloads and run them effectively and securely regardless of what the underlying processor technology is,” Raghuram said. “And this is going to allow you to run not only today’s applications, but the next decade of AI and machine-learning applications and data applications, real time applications, telco applications, you name it.”

VMware announced that the AMD Pensando Distributed Services Card will be one of the first DPUs to support VMware vSphere 8. AMD Pensando’s DPU-based technology includes intelligent, programmable software to support software-defined cloud, compute, networking, storage, and security services that could be rolled out quickly in edge, colocation, or service-provider networks.

VMware also added an integrated package called the VMware Edge Compute Stack 2 to build, run, manage, connect, and secure edge-native applications across multiple clouds. The package builds on VMware’s existing edge package and adds support for features such as Tanzu Kubernetes Grid 2.0. The softwware supports smaller cluster sizes—one control node and one worker node—to run containers more efficiently on smaller commercial off-the-shelf hardware, VMware stated. It also adds support for containerized edge-native AI and ML applications.

In the future, VMware says, it will extend the edge package beyond its current support of x86 processors to support ARM, Atom, and Core (i3/i5/i7/i9) processor-based edge hardware.

VMware vSphere 8, VMware vSAN 8 and VMware Edge Compute Stack 2 are all expected by Oct. 28.

Copyright © 2022 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022