Find yourself in good company among the clouds with VMware’s latest roll out of SaaS offerings. Last week the CEO of the virtualization giant, Pat Gelsinger, introduced their second quarter results with a vague remark on how the compute virtualization company will expand their current portfolio to drive efficiency and digital transformation.
Fast-forward to the first day of VMworld and Pat’s message becomes a little clearer. VMware unveiled half a dozen software-as-a-service offerings and finalized a jet-fueled solution with AWS which will rocket your current on-premises environments to the major cloud provider. In this article, we will break down the new subscription based services available to current VMware accounts and AWS Cloud Foundation offerings.
- App Defense: behavior based security offering that gives businesses relevant options to quickly respond when VMs diverge (SaaS or on-premises software)
- NSX Cloud: service for managing traffic across public cloud and on-premises
- Discovery: finds where/what’s running then allows you to organize into logical groups
- vRealize Network Insight: analysis service across virtual, physical, and multi-cloud environments
- Wavefront: performance monitoring service for cloud-native apps
- Cost Insight: cost monitoring/optimization service which follows AWS, Azure, and Google’s price lists inside out and makes cost-saving recommendations
Come at Me Bro
Without a doubt, VMware’s flagship suite, and to most the mother of modern virtual infrastructure, has been notoriously sold with attaching management software bundles. Their latest strategy offers more options for those who decided to go “Naked.” Starting with VMware’s mainliner, their new security suite, formally known as Project Goldilocks, branded as App Defense.
App Defense was well-received at VMworld, bringing a new spin on security by not focusing on “finding bad” but “ensuring good.” It’s part of a new three-pronged security offering (NSX, App Defense, Automation) which creates a manifest of expected behaviors for VMs. App Defense builds its whitelist of acceptable behavior by linking to vCenter and third party automated provisioning tools; making it perfect for DevOps. It then gives options to deal with misbehaving VMs. App Defense also allows line-of-business types to join the party via a mobile app that alerts them when applications misbehave, giving stakeholders a vote on how to respond. The new offering comes in two flavors: SaaS or on-premises software.
Then There Were Two
Establishing that App Defense as a major focus for VMware shouldn’t overshadow the current excitement around network virtualization. Filling in as the first prong in VMware’s security offering, NSX offers true "micro-segmentation," allowing you to restrict behaviors tied to specific applications or VMs. Although, NSX has been available for well over a year, getting actual hands-on experience with the new platform has been anything but easy. Lab-to-reality has been a stress test for early adopters, but VMware is looking to put new users at ease with the roll out of NSX Cloud (NSX-as-a-service). It’s uncertain if there will be an a la carte version of NSX Cloud that would allow you to only take advantage of microsegments. Seems to be a road block for further adoption.
The third and final prong is automation. Engineers have taken a page from the coder's book of life lessons: “Once and only once.” Remove duplicate efforts while streamlining outcomes. Mix this messaging with powerful tools and you’re able to maximize staff utilization with a few key strokes. VMware’s vRealize Automation fits into the strategy flawlessly, but your DevOps team will have a field day with the implications of integrating CHEF, Jenkins, and possibly CodePipeline into the main circle or shell that is App Defense. VMware wants to create an environment which is first and foremost secure.
Following the heavy hitters are a slew of supportive roles, Discovery, Network Insight, Wavefront, and maybe the most utilized tool of them all, VMware Cost Insight. Before converting VLANs to VXLANs to deploy the heavily NSX dependent Network Insight, you should utilize VMware Discovery. Find out what you have running, in what clouds, and organize them into logical groups; unearthing what shadow IT has created in/outside your environment. Then load VMware Cost Insight, a SaaS service that monitors workloads and makes cost saving recommendations based on the dynamic pricing from major cloud providers like AWS, Azure, and Google. Cost Insight is a great tool to help in the decision-making process before pushing to a major software defined cloud provider or building traditionally. That gets us to the next segment of the article (I’m sure you’ll hear a lot more about Wavefront in our next posting) VMware on AWS.
When VMware Meets AWS
VMware brings their long-awaited Software-Defined Data Center platform to the US West region of AWS with insight showing a global roll out before the end 2018. VMware Cloud on AWS allows you to leverage existing VMware investments (vSphere, vSAN, NSX, and vCenter) across your on-premises environment and the AWS Cloud. Quickly move applications between your on-premises environment and AWS without having to rewrite applications, purchase any new hardware, or modify your operations.
VMs running on AWS will have the added access to AWS services including compute, database, analytics, IoT, AI, security, mobile, resource deployment, and application services, along with the additional VMware SaaS offerings we discussed earlier in the article. From this angle, it would seem as if VMware is pushing for more NSX network deployments and subscription-based services. One could argue that this was a necessary move to save the idea of an on-demand vCloud. Either way you look at it, VMware is selling Rocket Packs.
Yes: Rocket Packs. Essentially, allowing you the freedom to build, test, span, and recover on your own terms without the expense or hassle. You can quickly get to the clouds and make your way back to the ground securely. Their latest deal with AWS takes what you love about vCloud Air and spans it across Amazon’s proven cloud platform, branded VMware Cloud Foundation. To take full advantage, you should upgrade to vSphere 6.5 and deploy NSX across the board. Is it worth it? Maybe. Does it cost a lot? Well...
Cost to Play in The Clouds
As of this moment, VMware Cloud Foundation can only deploy one type of host at an on-demand rate of $8.37 per hour. Future pricing suggests a 30%-50% discount based on a one-or-three-year subscription. Each host has a pair of CPUs, 36 cores, 72 hyper-threads, 512GB of RAM, and local flash storage. You will probably need at least four hosts to build a cluster, tallying up to $73k a year!
Compared to the total cost of ownership for either on-premises or public clouds, it’s too close to call –especially if opting for the three-year subscription. Keep in mind that this is the cost before bandwidth, IP address charges, and additional VMs.
Wrap it Up
The new SaaS strategy should bode well for VMware and its users. Adding useful tools makes it even easier to wrangle and secure your multi-cloud instances from inside vCenter. Although VMware isn’t making actual rocket packs, they are doing a great job keeping Hyper-V at bay and giving new hope to a failed attempt as a cloud provider. Looking forward to see if pricing gets restructured.
Would you migrate to VMware Cloud Foundation or deploy App Defense?