It\u2019s been a few months since VMware closed its acquisition of VeloCloud, a prominent SD-WAN provider. In that time, the two companies have worked to integrate their products, and recently they announced a unified strategy called the Virtual Cloud Network.\nThe strategy fully supports the migration of applications and data out of the enterprise data center to the cloud and to branches \u2014 and with IoT, pretty much anything can be considered a branch today, as VeloCloud claims to have a customer with ocean-going ships as branches. The result is that many enterprises are in a position where their applications are everywhere, and their data is everywhere. This has profound implications on the network that needs to support all of this.\nIt\u2019s a foregone conclusion that the legacy network of the past 20 years can\u2019t take enterprises into the next 20 years. Since its inception, VeloCloud has said, \u201cThe cloud is the network.\u201d VMware is building on that strategy by assembling the pieces of a flexible, programmable network fabric designed to run everywhere that applications and data reside.\n\nThe Virtual Cloud Network provides a connectivity layer to connect everything \u2014 users, \u201cthings,\u201d branch offices, public cloud infrastructure, private cloud infrastructure, public networking infrastructure, private networking infrastructure \u2014 all together in one consistent framework. The consistency comes from abstracting the networking away from the hardware. Instead, the networking services live in software, and they live in the cloud in a virtualization layer. VeloCloud extends that across the network to the branch offices and the cloud, supporting traditional applications as well as modern applications. Moreover, security is intrinsic to all of this.\nVirtual Cloud Network components\nVMware NSX is the foundation for the Virtual Cloud Network, and the strategy has several new components under the NSX umbrella, as shown below.\n VMware\nNSX SD-WAN by VeloCloud \u2014\u00a0This is the new name of the old VeloCloud product. It provides WAN connectivity services with assured application performance, from data center, to branch, to cloud. It has end-to-end segmentation with NSX Data Center integrations. It is all cloud-delivered and cloud-managed.\nNSX Data Center \u2014\u00a0This is what has traditionally been known as VMware NSX. It\u2019s the network virtualization and security component. It provides consistent networking and security for applications running in public clouds \u2014 now including Microsoft Azure \u2014 and on-premises. It is truly a cross-platform, cross-cloud solution.\nNSX Cloud \u2014\u00a0This component is for a secure enterprise hybrid cloud. It provides extended support for containerized cloud-native and bare-metal applications. It also has telco\/NFV and networking performance optimizations for distributed workloads. It has been extended to be able to secure and connect native workloads running in Microsoft Azure, adding to the existing support for Amazon Web Services.\nNSX Hybrid Connect \u2014\u00a0This component provides workload mobility and connectivity. It helps with mass migration of workloads across the network from any VMware-based data center to any other VMware-based data center, on-premise or in the cloud, enabling the application to move from a legacy environment to a more modern data center environment. It also provides seamless network connectivity and traffic optimization across clouds.\nAppDefense \u2014 This element of the strategyruns on hypervisors to provide application security for all applications running on virtual machines.\nAbove the fundamental platform layer is the management and operations layer. Network Insight\u00a0does network discovery and provides virtualization analytics and insight of everything to do with the network, whether it be across the physical network or the virtual network, extending across from on-premise into the cloud. This is complemented by large-scale automation of the entire environment with vRealize Automation.\nVeloCloud brings SD-WAN capabilities\nThe VeloCloud acquisition is obviously a huge part of this new enterprise strategy. VMware and VeloCloud have done the integration between SD-WAN by VeloCloud and the NSX Data Center portfolio so that organizations can now get consistent end-to-end segmentation per application, all the way from the branch into the data center.\nVeloCloud pioneered the notion of the cloud being the network. The company took the complexity of traditional networks that is in custom proprietary hardware devices in each of the data center and branch locations and moved that complexity into the cloud, running it as a service in a simple and automated fashion. In terms of networking, what was physical and a product before has become virtual and a service that runs from the cloud. VMware runs the service and provides it with partners to the enterprise customer. Service providers such as telcos run the service, as well.\nThe SD-WAN service can be run over multiple transports, meaning enterprises don\u2019t have to worry about whether they have a private network, a public network, or a wireless network. VeloCloud optimizes and secures the traffic from each of the branch office locations to the applications, whether they are in the data center or the cloud, or even in the branches themselves.\nOne of the important integration points between VMware and VeloCloud is that they have extended VeloCloud into the data center using NSX Data Center. Now enterprises can segment their traffic from the branch all the way up to, and now into, the data center. Traffic gets mapped onto NSX into a routing domain, which lets users keep traffic separate in its own segment. For example, PCI traffic should be kept completely separate from guest Wi-Fi traffic. This is an improvement over what is done manually at a transport layer in traditional networking. This same concept has been extended to the cloud with NSX Cloud. Regardless of where a workload is running, enterprises can take that same segmentation and push it into the cloud.\nThis kind of architecture yields multiple benefits, the first being that the enterprise doesn\u2019t have to worry about the bits and bytes of the underlying transport. It allows the organization to run its business, talking the language of a business policy, and use the cloud and virtualization to achieve their business goals.\nAnother benefit is optimized cloud access, so all of the applications that now sit in the cloud get the performance and security they deserve. What\u2019s more, VeloCloud has been able to solve the problem of how to optimize real-time traffic such as voice, video, VDI, and IoT on best effort networks.\nThe NSX SD-WAN by VeloCloud can be brought up in a period of days, deploying hundreds of locations in just days whereas it can take months with a traditional network.\nSupport for modern application frameworks\nNSX has extended its platform for virtualization to applications that run in new modern application frameworks. The same networking and security controls that are used for virtualized apps can be applied to the container landscape.\nIt was about a year ago that VMware announced a relationship with Pivotal to embed networking controls in both the Pivotal Container Service and the Pivotal Application Service. This has been extended to support all upstream Kubernetes distributions, as well as to align with Red Hat OpenShift. Now a powerful suite of modern application development tools is fully enabled around VMware\u2019s networking and security virtualization. Native container networking can match what an enterprise runs for its applications in the data center.\nThose key capabilities around micro segmentation \u2014 security, policy, visibility for the apps \u2014 can now be applied to containerized workloads so that developers can visualize, monitor, and analyze across the entire spectrum of this platform for delivery. The move also embeds the tools of the network and the security policy in with the developers at the point where they are building or delivering the application. This shortens the time between ideation and delivery of application with the security policy and networking services built in.\nGoing a step further beyond VMs and containers, VMware is also addressing what is happening from a bare metal perspective. With this latest release of NSX, VMware is taking bare-metal Linux hosts and making them first-class citizens with the same security policies and networking services applied to all workloads, regardless of whether they are virtual machines, containers, or bare-metal services running within the enterprise, as well as extending that out into the native public clouds to VMware cloud destinations.\nAltogether, VMware has a sweeping new strategy covering consistent networking and security for applications regardless of the construct and where they are running.