VMware Wants to Help You Build a Modern Enterprise Network

That starts with automating load balancing for Kubernetes and running firewalls on server SmartNICs.

Wylie Wong, Chips and Hardware Writer

November 19, 2020

5 Min Read
Data center network

VMware updated its Virtual Cloud Network solution this week with new features that make it simpler to manage and secure networks and easier to build and manage applications running on top of Kubernetes.

The Virtual Cloud Network is VMware’s portfolio of software defined networking technologies that include NSX network virtualization and security software, VMware SD-WAN by VeloCloud, and vRealize Network Insight, the company’s network visibility and analytics software. Cumulatively, the portfolio is meant to enable organizations to deploy and manage network connectivity and security from data centers to multi-cloud deployments and the edge.

VMware executives this week announced a handful of new Virtual Cloud Network features, including the integration of NSX Advanced Load Balancer with Tanzu Service Mesh, technology that allows application teams to connect and secure their microservices across multiple Kubernetes clusters and clouds.

The integration allows developers to focus on development without having to also configure load balancers, said Tom Gillis, senior VP and general manager of VMware’s networking and security business unit. They can launch an application, which includes all the required load-balancing capabilities, without having to touch the infrastructure at all, the company said.

Related:Hybrid Cloud: The Benefits of NOT Going All-In

“It’s about automation. It’s about simplicity. It’s about breaking the grip and reliance on dedicated hardware appliances,” Gillis said during a media briefing.

As part of that strategy, the company announced that its NSX Services-Defined Firewall will run on smart network interface controllers (SmartNICs). It’s part of the company’s recently announced Project Monterey  initiative, which seeks to disaggregate the server and offload network virtualization and security workloads from CPUs to SmartNICs. SmartNICs are network cards that have their own processors.

Instead of running traditional firewall hardware with a bloated set of rules, enterprises can use SmartNICs and deploy micro-firewalls closer to applications and data, with more precise and relevant rules to protect them, Gillis said. It will run stateful Layer 4 firewall services at line rate. It can also run Layer 7 stateful firewall with intrusion detection and prevention capabilities.

“We think this is a transformative capability for advanced security, so you are putting the security where it matters, which is right next to your sensitive applications and your data,” Gillis said.

These enhancements to Virtual Cloud Network are part of VMware’s newly announced “Modern Network” framework, designed to help business customers move to a cloud operating model. By leveraging its Virtual Cloud Network, the company said it aims to help customers deliver applications faster and more securely, shift to remote work, and reduce cost and complexity.

Rajiv Ramaswami, chief operating officer for VMware’s products and cloud services, said the framework has three pillars:

  • Modern application connectivity services, which are self-service tools that developers use to securely connect the microservices of a modern app.

  • Multi-cloud network virtualization, which provides a set of network services that are fully automated and software-based, including security and load balancing.

  • Physical network infrastructure, which is general-purpose hardware designed to move bits fast. This pillar includes SmartNICs.

VMware has touted its Virtual Cloud Network over the past two years, and the Modern Network framework is an evolutionary step in the strategy, said Brad Casemore, IDC’s research VP for data center networks.

To meet digital transformation requirements, today’s networks have to be more aligned with developers and DevOps needs, which means they need to be fast and responsive and support a cloud-centric approach, Casemore said.

“We have to get beyond the network as a separate silo and ensure networking is in lockstep with the other infrastructure: compute, principally, but also storage.” Networks have to be able “to move at the same pace with the same degree of flexibility and agility."

VMware’s Modern Network framework “is aligned with where they need to go,” Casemore said. Other competitors in the network virtualization and automation market, including Cisco, Juniper, and Nokia’s Nuage Networks, are all pursuing the same strategy.

Cisco, for example, recently announced new software-as-a-service products that allow customers to easily install and manage Kubernetes across a hybrid cloud environment, and a centralized management tool that helps enterprises automate the management of data center networks across their hybrid cloud environments.

“They all have roadmaps,” Casemore said. “They have different strengths and weaknesses.”

New Virtual Cloud Network Capabilities

VMware said the integration of its NSX Advanced Load Balancer with Tanzu Service Mesh will be available during the first quarter of its 2022 fiscal year, which is between February and May 2021.

VMware this week also announced a preview of an Attribute-Based Access Control policy model, which Gillis said will analyze users and their behavior in allowing access.

For example, it will analyze who you are, where you are coming from, what device you are on, the status of your device, and what apps or data you are trying to access, he said.

“I’m coming in on a laptop that’s unmanaged. I’m coming from Asia somewhere in the middle of the night, and I want to access source code, maybe that’s not a transaction we want to allow,” Gillis explained. “So, having the ability to make a distributed and attribute-based policy model will greatly simplify the job of building and administering policies and drive toward a higher-level automation capability.”

VMware also announced that it has added a connection between NSX and Project Antrea, an open-source cluster-level networking solution.

Antrea provides connectivity of containers and security services within a cluster. But when the developer needs to make a connection across clusters or from a cluster to a virtual machine, NSX provides that bridge, Gillis said.

The company also announced a new SD-WAN subscription service for employees who work from home. The “Future Ready Workforce Solution with VMware SD-WAN Work from Home Subscriptions” provides individual telecommuters with good network connectivity, application performance and security at a low price, the company said.

About the Author

Wylie Wong

Chips and Hardware Writer

Wylie Wong is a journalist and freelance writer specializing in technology, business and sports. He previously worked at CNET, Computerworld and CRN and loves covering and learning about the advances and ever-changing dynamics of the technology industry. On the sports front, Wylie is co-author of Giants: Where Have You Gone, a where-are-they-now book on former San Francisco Giants. He previously launched and wrote a Giants blog for the San Jose Mercury News, and in recent years, has enjoyed writing about the intersection of technology and sports.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like