Author Archives: Susan Wu
Author Archives: Susan Wu
The way enterprises design, build and run applications has changed significantly over the past several years with the evolution of microservices and containers. No longer are applications built using a monolithic architecture—evenly stacked and centrally organized in a way that made it easy to manage and secure. Today’s modern applications are spread out in thousands of microservices across data centers and the cloud—able to be spun up and down wherever users log in.
While microservices provide reusable elements to accelerate software development, the software supply chain itself could become an attack vector. In an effort to enable business agility without putting the enterprise at risk, organizations need to infuse security directly into DevOps processes and throughout the software supply chain at large. This makes security everyone’s responsibility—whether they are a user, a developer or a platform owner—to protect the applications that are consumed for work and for life.
The Rise (and Risk) of Kubernetes
Microservices applications need Kubernetes as an orchestrator to handle scheduling of containers in a cluster of servers, load balancing those containers, managing permissions and access control and many other Day 2 concerns. Kubernetes wasn’t the first orchestrator, but its rapid adoption makes it a defecto standard today for running scalable and resilient containerized applications. According Continue reading
GigaOm placed VMware Tanzu Service Mesh (TSM) in the leader ring of its 2021 GigaOm Radar Report for Evaluating Service Mesh, cementing VMware’s status as the open-source choice for connecting and securing modern applications across single and multi-cloud environments.
As enterprises continue to split applications into microservices that can be spun up or down as needed, service meshes give DevOps the ability to seamlessly and simply orchestrate connectivity and security services across multi-cloud environments, automatically and at scale. This common abstraction layer for application services enables true app resiliency, observability, and security across single and multi-cloud environments — a critical superpower for organizations focused on delivering powerful and consistent experiences.
Citing Tanzu Service Mesh’s open-source architecture, dominance in the enterprise market, innovative road map, and focus on improving security, the authors of the report feel that Tanzu Service Mesh gives enterprises the best chance of gaining that all-important visibility and control with modern applications.
The key to this, of course, is Tanzu Service Mesh’s ability to seamlessly abstract the application layer from the infrastructure layer through Global Namespace (GNS). By onboarding applications to a Global Namespace, developers, operations, and security gain consistent policy controls and operational Continue reading
Open Source has proven instrumental in accelerating software development — providing developers with feature velocity, ease of customization, and quality reusable code. However, the open-source security landscape has clearly changed: it’s clear that the unwritten rule among the open-source community has expired, and open season on hacking open-source software projects has begun. Today’s threat actors have no qualms about injecting malicious code upstream as a way to target downstream applications. Developers need to recognize this new reality and rethink security across the software supply chain.
How did we get here? The push to accelerate digital transformation may be inadvertently introducing vulnerabilities into the software supply chain. Developers, under constant pressure to deliver new software to market faster, often rely on containerized open-source software and public repositories to meet dynamic, agile needs. According to Gartner, nearly three-quarters of global organizations will be running three or more containerized applications in their production environments by 2023. The Cloud Native Computing Foundation (CNCF) also confirmed a similar pattern in its survey, which found the use of containers in production has increased to 92 percent since 2019. With Kubernetes the dominant container orchestration solution, 32% of respondents in the CNCF survey indicated that security Continue reading
The network has never been more vulnerable. Covid-19 has flung users out from the data center to home offices—where they are accessing critical systems, applications, and other users from unsecured devices and WiFi connections. As a result, it’s all hands on deck for IT, with network engineers deputized as IT support staff in a mad rush to give remote users fast and reliable, yet secure, access to the tools and information they need.
But what of the regular duties of these engineers? They are being pushed back in favor of new priorities—stretching network engineering resources, already spread thin, to the breaking point.
Enter network automation. VMware NSX-T allows organizations to automate and simplify operations in the age of Covid. Tasks that were once performed manually through the UI or CLI can now be automated with the NSX API—creating the foundation for dynamic, flexible and responsive network architectures that can support a world where users, devices, applications and data connect across private, public and hybrid cloud environments.
Networking professionals who want to learn more about how to automate operations should check out the following on-demand sessions from VMworld:
By Cody McCain, Senior Product Manager and Susan Wu, Senior Product Marketing Manager, Networking and Security Business Unit
Enterprises benefit from collaborative engineering and receive the latest innovations from open source projects. However, it’s a challenge for enterprise to rely solely on community support to run their operations. This is because community support is best-effort and cannot provide a pre-defined SLA.
While Kubernetes itself is open source, and part of Cloud Native Computing Foundation (CNCF), it takes an ecosystem of surrounding technologies as curated by CNCF—from the container registry and storage engine to the container network plugin to run Kubernetes.
With the new release of VMware Container Networking with Antrea, enterprises get the best of both worlds – access to the latest innovation from Project Antrea and world-class support from VMware. Container Networking with Antrea is the commercial offering consisting of and 24/7 support for Project Antrea.
Container Networking with Antrea will package the latest release of Project Antrea version 0.9.1. Antrea is a purpose-built Kubernetes networking solution for public and private clouds building upon Open vSwitch, the open source technology optimized for distributed multi-layer switching performance. Antrea is designed to run anywhere Kubernetes Continue reading
Organizations today constantly seek greater agility and speed in their IT operations. They’re looking to seize market advantage by innovating with new technology and quickly responding to shifting market trends. Meanwhile, IT teams seek higher levels of simplicity and automation – and more efficient allocation of limited resources – in order to support these larger business goals.
A major roadblock many organizations face in the drive for efficiency is that their enterprise network is far more difficult to manage than ever before. Distributed workloads and distributed IT resources have led to extremely complex configurations and poor visibility across the environment. To make matters worse, much of the management work on these networks has traditionally been performed manually, via command-line entry. That’s proved to be tedious, costly, unnecessarily rigid, and prone to error.
Industry reports find as much as 40-80% of network failures are the result of human error
Network outages are of course a large pain point in enterprise networking, but there are certainly others. Complex, hard-to-manage networks are hindering business innovation, making critical security improvements more difficult, and driving up costs. This set of drawbacks has naturally led to a search for better Continue reading
The VMware NSX team is excited to announce the new NSX vExperts program. If you’re not familiar with vExperts, the program is designed to recognize individuals who are passionate about sharing their knowledge on VMware technologies with the broader community. While the vExpert program has been around for over 10 years, this is the first year we’re introducing the NSX vExpert subprogram and badge.
Individuals awarded NSX vExpert status are the crème of the crop when it comes to their knowledge in NSX use cases like micro-segmentation, network automation, multi-cloud networking, service mesh and modern apps. They’re advocates of VMware NSX and love “giving back” to the community by sharing their knowledge with their peers— whether it be through blogging or public speaking at events like VMworld and VMUG.
Becoming an NSX vExpert is not without its perks. In addition to bragging rights and the cool badge, VMware will provide great opportunities to give you the recognition you deserve.
Here’s what vExperts gain:
In the digital age, everyone is responsible for the organization’s overall security. DevSecOps￼￼ brings together the disciplines of DevOps, Cloud and now Security toward a common goal of distributing security decisions with agility and scale. At VMworld Europe, you will network, learn and practice the industry’s latest technology with industry insiders, experts and your fellow co-workers and peers.
We’ve put together a list of VMware’s networking and security business unit’s top sessions, hands-on-labs and keynote sessions that you can’t miss!
Showcase Keynote: Networking and Security for the Cloud Era
Showcase Keynote: Intrinsic Security – How Your VMware Infrastructure Can Turn the Tide in Cybersecurity [SEC3412KE]
Edge to Hybrid Cloud, the Network Matters [CNET3628BES]
Last year, we expanded the VMware NSX family of products to include NSX Data Center, NSX Cloud, AppDefense, VMware SD-WAN by Velocloud, NSX Hybrid Connect and NSX Service Mesh. This year, AVI Networks has joined our family.
With the combined portfolio, we’re delivering on the Virtual Cloud Network vision of connecting, automating and protecting applications and data, regardless of where they are— from the data center, to the cloud and the edge. NSX delivers the full L2-7 services, enabling the public cloud experience for on-premises environments.
We will have an exciting line-up for VMworld US 2019. Our engineers, technologists and customers will be speaking on 80+ topics throughout the conference spanning beginner to advanced levels throughout the conference. Some session topics include:
In this post, we will focus on our cloud networking sessions and showcase keynotes. Use this handy guide to begin planning your exciting week and bookmark the sessions you want to attend.
If you’re interested in security focused sessions, read the blog Continue reading