VMware plans later this month to announce a strategy to improve network performance and security by combining network and application awareness, reminiscent of Cisco's pitch for "intent-based networking." But VMware claims it's got the technology to do it better.
At the VMware Inc. (NYSE: VMW) VMworld conference in Las Vegas, which begins later this month, VMware plans to launch a strategy it calls Microsegmentation 2.0. The new strategy brings application awareness to its microsegmentation architecture for securing and managing enterprise networks, Tom Gillis, VMware's new senior vice president and general manager for networking and security, tells Light Reading.
Microsegmentation is VMware's long-standing strategy for dividing networks into very small segments for security and management. Microsegmentation contrasts with the old way of securing and managing networks, putting a perimeter around the enterprise network, and declaring everything inside the perimeter as safe and everything outside as a potential threat. But that philosophy doesn't work today, as enterprises need to connect their networks to partners and customers, and users connect mobile devices to both to the enterprise network and outside networks. For example, a user might connect a mobile device to the networks at work, at his family home, and at a local coffee shop, and bring viruses and malware from the external networks to the enterprise network.
The perimeter security model gets even more obsolete with the emergence of Internet of Things and edge computing.
VMware has historically addressed the obsolescence of perimeter security by decomposing networks into small partitions, known as "microsegments." This allows users of VMware's NSX software-defined networking to gain enhanced network manageability and security in the modern, multicloud world, Gillis says.
With Microsegmentation 2.0, VMware will marry its knowledge of NSX networks with knowledge of application behavior that VMware gains by running the software infrastructure enterprise apps run on, namely vSphere virtualization and containers built on Kubernetes. VMware will develop models for how applications should behave, and block anomalous actions that could indicate threats. For example, there's no reason a web server should seek out root access, so a web server seeking root access is likely up to no good, Gillis says.
The new guy
Gillis joined VMware in May, following nearly seven years as CEO of Bracket Computing, an enterprise security company for hybrid cloud networks. VMware picked up key people and intellectual property from Bracket at the same time Gillis joined the company.
Prior to Bracket, Gillis was vice president and general manager of Cisco's security technology group, where he worked for more than four years. And before that he was vice president of marketing and co-founder of IronPort Systems, a network security company with a pioneering anti-spam service and email security appliance, which was acquired by Cisco in 2007 for $830 million. (See Cisco Buys IronPort and Cisco's Multi-Year Buying Binge.)
Gillis joins VMware as the company is on a roll. VMware reported $2.01 billion revenue for its most recent quarter, the first quarter fiscal 2019, up 14% year-over-year. The Dell Technologies Group owns a majority, controlling stake in VMware and VMware is a profit and revenue center for Dell, and integral to Dell's return to public markets after several years as a private company. (See Networking Is Eating VMware and No Customer Downside in Dell's Wall Street Return.)
Next page: VMware knows who's naughty and nice