VMware on Wednesday announced updates to the components of the Virtual Cloud Network, a package of products that bring virtual networking and security capabilities to workloads running anywhere, from the edge to the cloud. The ultimate of the Virtual Cloud Network is creating private cloud infrastructure with the “same agility, flexibility and efficiency as the public cloud,” according to Tom Gillis, SVP and GM of VMware’s Networking and Security Business Unit.
Specifically, VMware is announcing the release of NSX-T 3.0, the latest version of the networking and security virtualization platform that serves as the foundation for the Virtual Cloud Network. The company also announced the 5.2 release of vRealize Network Insight (vRNI), which provides visibility across virtual and physical networks.
The updates come as virtual networking is “beginning to approach mainstream,” Gillis told reporters this week.
The number of Virtual Cloud Network customers now exceeds 15,000, Gillis said, including 89 of the Fortune 100. “Large enterprises have realized the power of virtualization,” he said.
Additionally, eight of the 10 largest telcos in the world have adopted Virtual Cloud Network, with increasing demand driven by the move toward 5G.
With NSX, the Virtual Cloud Network offers a “complete solution,” Gillis said. It can run workloads in VMs, containers or bare metal. He likened it to an air craft carrier, in that it “has all the things necessary to complete a mission,” much like an Air Force base — but you can “lift it up and put it wherever you wanted.”
There are more than 100 new features with NSX-T 3.0, which is generally available today, including some key security enhancements. Going beyond micro-segmentation, VMware is stepping up internal security with the introduction of Intrusion Detection and Prevention (IDS/IPS) capabilities.
NSX Distributed IDS/IPS matches IDS/IPS signatures to specific parts of an application, to selectively block in-band traffic, Gillis said. It allows VMware to identify compromised machines and stolen credentials, with fewer false positives and higher throughput.
“This is a huge step forward,” Gillis said. “If we look at the security domain, the fact that a machine has been compromised, that is not where the damage is done. The damage is that the attacker can use that as a beachhead and move laterally 50 or 100 times… That’s the problem we can solve with NSX.”
NSX-T 3.0 also includes NSX Federation, allowing enterprises to use fault isolation domains and global policies that are synchronized across all locations. With fault isolation domains, customers can contain any network problems to a single zone, minimizing the impact of problems.
Meanwhile, NSX-T 3.0 also lets enterprises extend its full stack container networking services — including switching, routing, distributed firewall, micro-segmentation and load balancing — to the new VMware vSphere with Kubernetes and VMware Cloud Foundation 4 platforms, as well as the VMware Tanzu portfolio and non- VMware Kubernetes platforms.
As for vRealize Network Insight 5.2, the new release introduces adds machine learning to application discovery to better understand categorized applications by tier. This flow-based application discovery provides insights into network communication density, applications patterns, and enhanced security recommendations.
The update also includes AWS Direct Connect support, VMware SD-WAN application and business policy statistics, enhanced Kubernetes visibility and support for VMware NSX-T 3.0. The 5.2 release is expected to be available in VMware’s fiscal Q1, which ends on May 1.