VMworld 2012: Innovation Wrap Up

As I walked the VMworld 2012 show floor, I was looking for innovation or something new and interesting. I found it in several unexpected locations. There were quite a few of the expected vendors at VMworld, but there were gems here and there. There was innovation from HotLink to VMware. All in all a great show.

This is a very short list of what was innovative and interesting on the show floor:

  • Intigua has a very interesting and cool product that has many a use for security and management purposes. In effect, Intigua allows you to manage all your virtual and physical machine agents from one place. In addition, they create a sandbox around your agents for security reasons. Yes, you can manage VMware Tools, Anti-Virus, Anti-Malware, Backup, and other agents from within Intigua.  For large deployments of many agents (including VMware Tools), Intigua offers a helping hand to organize, update, and count the agents.
  • Zerto has a large list of cloud providers that act as replication receiver clouds for Zerto’s form of replication. This is where I see replication heading in the future and Zerto has embraced this fully. In addition, Zerto integrates with vCloud Director such that the internals of a vCloud VDC can be created at need.
  • Symantec Critical System Protection (CSP), which required a bit to find within their booth, but was well worth the demo. They hacked a system without CSP showing the attack succeeding, then turned around and applied the CSP rules to the system and attempted to hack it once more, to come in over the existing backdoor and showed it was denied. CSP showed the ability to limit attacks even on already hacked systems! How does CSP work? By wrapping each application in a protective shell that whitelists certain acceptable activities. CSP can act as a last line of a defense-in-depth for critical systems, such as your vCenter server. CSP has special rules that are taken from the various hardening guides to harden not only the OS of a Windows based vCenter server, but also vCenter itself.
  • Trend Micro was showing off v9 of their Deep Security Suite which contains quite a bit of automation of the virtualization security layers and deeper integrations to support cloud workloads as well as their own Secure Cloud product.
  • VMware has quite a few innovative elements within their booth:
    • vCloud Architecture Toolkit (vCAT) is now online as a searchable, translatable, HTML or downloadable document. vCAT is one place to find recommendations for designs, architectures, and cloud implementations. As a documentation source it is invaluable.
    • vXLAN, while not new per se, is finally available with a few changes over what I originally envisioned. vXLAN can be used to join multiple vSphere Clusters and Datacenters together into one large cloud network. This removes several issues with building clouds as discussed within The Virtualization Practice’s VMware and Public Cloud Computing – A Discussion.
    • VMware Fusion 5, okay it was not announced at VMworld, but adding a Pro edition which contains a network editor is a major boon to all people who run VMware vSphere ESXi within Fusion to run secure demo labs.
    • vCloud Networking and Security (vCNS) Edge Gateway, the renamed vShield Edge, has gained some new features that make using vCNS Edge Gateway much easier such as handling 10 vNICs instead of 2 as well as hot-standby capability. If one vCNS Edge Gateway fails another will take over and since it is active-passive all rule updates are within the passive device as well as the active. This alleviates concerns about edge services failing and closing off the system. This is a fail-safe style functionality.
    • vCNS Framework was also commented upon. This is a way for third parties to plug in their own security tools into the vCNS suite. While not new per se as there is VMsafe and vShield APIs, there is now a unified set of APIs that can be used by all third parties. The changes this will have with the Virtualization Security community are still to be seen, but it bodes well.
  • While I heard of this device at Dell Storage Forum in Boston, the Dell EqualLogic Storage Blade is an impressive piece of hardware. The engineering that went into reducing the size of the controllers is impressive as is its capacity. If I could use it within my blades I would.
  • The HP Matrix Orchestrator shown on the second day keynote came across as a very interesting way to design a datacenter and thereby a cloud. While it was missing some things such as automated security controls, it is nonetheless a step along the path of the software defined data center.
  • Piston Cloud’s Cloud on a Stick approach to provisioning and deployment of their OpenStack distribution was very cool. From one small USB stick you can deploy up to a 2000 node OpenStack cloud, granted this distribution does not yet contain Quantum, but is an interesting approach to getting a cloud up and running (on the proper hardware).
  • AFORE was showing a technology preview of their CX product. This product allowed one to encrypt all files and data access within a guest OS (Windows only at the moment) at low levels. Key management is handled via the existing AFORE Cloudlink management engine. Encryption of data in motion is now our Achilles heel and this is a step in the proper direction.
  • HotLink was demoing their mix management software and was in some ways the talk of the show. Being able to manage all your hypervisors and some clouds from one location that everyone knows is very interesting. Treating Hyper-V, Xen, KVM, and others as if they were a vSphere host provides a single method to manage an environment. Now if we can just unify the security across all those hypervisors.
  • In the Innovation booths the Waratek JVM is an interesting approach to creating a multi-tenant JVM. When using Waratek, in conjunction with a virtual environment, the definition of the Application changes to being something smaller than a virtual machine. This has some interesting connotations for Java based PaaS Clouds. The multi-tenant features go all the way down such that each VM has its own garbage heap for later collection.

Tied all together, VMworld 2012 had an impressive show floor. While some of the innovation was subtle, such as improvements and new features in Catbird Security, Juniper vGW, and others, there were some outstanding hardware and software solutions that were very cool, innovative, and solved real problems. My time on the show floor was quite limited; however, if you saw something you think was innovative, new, or just plain cool, please share it. I am interested in hearing what others thought.

