Security Update: 8 Advances in End-User Computing from VMware

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Security Update: 8 Advances in End-User Computing from VMware
Aug 232017
 

Employees across enterprise organizations in today&#rsquo;s mobile-cloud world expect simple user experiences to help them be productive. IT often runs into challenges supporting these expectations while keeping their environments secure.

Our team has focused on empowering organizations with an enterprise-secure approach and consumer-simple experience through a digital workspace. Employees can securely access any app, on any device in their own digital workspace provided by VMware Workspace ONE, powered by VMware AirWatch unified endpoint management technology.

Over the course of 2017, we&#rsquo;ve introduced many security capabilities across the Workspace ONE platform, which includes advancements in VMware Horizon 7 and VMware Horizon Cloud. Let&#rsquo;s take a closer look at those security capabilities, as well as existing security integrations and security features that elevate Workspace ONE to the digital workspace platform that organizations can trust.

1. Derived Credentials

Earlier this year, we announced our derived credentials solution as part of Workspace ONE. This was huge news for organizations mandated by certain directives, such as FIPS 201, that require use of smart cards, personal identification verification (PIV) or common access cards (CAC) for access to physical, logical and network resources.

Smart cards, PIV and CAC worked great on desktops and laptops, but the experience on mobile devices was poor and costly because special hardware was needed to read the cards. To help with this issue, the National Institute of Standards and Technology (NIST) updated FIPS 201 in 2013 and the following year released SP 800-157, with guidelines on how to generate and utilize alternative tokens, which they refer to as a derived PIV credentials, also commonly referred to as derived credentials or PIV-D. This helped provide better experience, implementation and deployment on mobile devices accessing physical, logical and network resources.

We released our derived credentials app, called VMware PIV-D Manager, that enables the use of derived credentials with native apps and profiles, VMware apps and third-party AirWatch SDK-enabled apps. PIV-D Manager even integrates with other derived credentials solution providers such as Entrust and Intercede.

2. Boxer S/MIME

VMware Boxer, one of our Workspace ONE productivity apps, is an integrated mobile email, calendar and contacts app that helps increase productivity by giving end users a great user experience. Security was a big focus on our Boxer app this year.

We started by enabling S/MIME support for sending and receiving signed and/or encrypted mail. S/MIME is a standard for public key encryption and signing of MIME (Multipurpose Internet Mail Extensions) data that allows for secure email exchange. Organizations have the option of signing an email for authenticity and/or encrypting email messages for an added layer of security.

3. Boxer Classification Markings

In various regulated industries, such as public sector, healthcare and financial, sensitive emails often need to be specifically marked or classified when they are sent and received. When it comes to email, messages typically get a classification appended in the subject line, top or bottom of the body, etc. For example, an email message should be marked &#rsquo;unclassified&#rdquo; or &#rsquo;secret&#rdquo; depending on the content of the email.

Earlier this year, we announced support for classification markings in the Boxer app, which integrates with the built-in Microsoft Exchange transport rules. This capability also integrates with TITUS, Boldon James and janusNET.

4. Boxer Information Rights Management

In addition to S/MIME and classification marking support, we added full support for information rights management (IRM). IRM is a form of data loss prevention (DLP), which can specify access permissions to email messages, including the ability to restrict copy-paste, restrict email forwarding, enforce email message content expiration and more. As you can tell, we put a lot of emphasis on email security through our Boxer app!

5. AirWatch & NSX Integration

AirWatch and NSX integration was introduced over a year ago, and the amount of customer interest in it hasn&#rsquo;t slowed down since. When apps on mobile devices have access to communicate to any resource in the data center, this represents a challenge for IT as the attack surface within the data center can be large.

The AirWatch and NSX integration aims to solve this problem by limiting each mobile app to only communicate to the server that it needs to talk to, using the tunneling capability in AirWatch and the micro-segmentation capability in NSX. Combining these two technologies vastly reduces the access footprint from the mobile device and the attack surface in the data center.

Organizations, like Vallejo Sanitation and Flood Control District, can raise their security posture from the mobile device to the data center using the AirWatch and NSX integration.This type of integration can also help organizations along their journey towards General Data Protection Regulation (GDPR) compliance, as data in transit utilizes AES-256 bit encryption.

VMworld 2017 Panel Discussion:

“Data Privacy, theGDPR &the Globalization of Compliance”

Add GRC3109PU via VMworld U.S. schedule builder.

AddGRC3109PE via VMworld Europe schedule builder.

6. Horizon & NSX Integration

We know that apps on mobile devices and data center resources can be tunneled and micro-segmented for an extra layer of security. We can take that same concept and apply it towards desktop virtualization.

Integrating Horizon and NSX, customers can effectively secure east-west traffic within the data center, preventing malware from spreading across the data center if a virtual desktop is compromised because each desktop is effectively isolated from other desktops. IT can quickly and easily administer networking and security policy that dynamically follows end users&#rsquo; virtual desktops and apps across infrastructure, devices and locations. This extra level of security takes desktop virtualization to a whole new level!

VMworld 2017 Breakout Session:

“Securing Your Horizon Virtualized Apps & Desktop Investments with NSX”

Add SIE2034BU via VMworld U.S. schedule builder.

Add SIE2034BE via VMworld Europe schedule builder.

7. Just-in-Time Management Platform (JMP)

We introduced JMP earlier this year, our next-generation desktop and application delivery platform, which enables fust-in-time desktops and apps. Imagine a virtual desktop that is created when a user logs in and destroyed when that user logs out. IT can set up a pool of virtual desktops that fits this model, including pools that can access the internet and pools that cannot, effectively creating separation parameters for higher security. Virtual desktops in each pool only get created when a user logs into a specific pool.

With the JMP platform extending across Horizon 7 and Horizon Cloud, IT has the ability to inject apps and user environment settings into the desktop the moment a user logs in. Having pristine desktops created at every login and destroyed at every logoff eliminates malware that the user may have accidentally installed during the session.

8. Smart Policies

Smart Policies are available in Horizon 7 and Horizon Cloud for IT to provide end users with a truly contextual user experience. For example, policies dynamically change depending on the device used or the location services are being accessed from.

True single sign-on (SSO) enables end-to-end authentication from Workspace ONE to Horizon virtual desktops and apps, for a secure and simple user experience. Users aren&#rsquo;t prompted for multiple logins once they&#rsquo;ve authenticated into the Workspace ONE portal. Client policies such as enabling or disabling clipboard redirection, USB, printing and more can be set by IT using Smart Policies. Horizon is certified to meet FIPS 140-2 and Common Criteria requirements as a result of the secure policies powered by Smart Policies.

For organizations looking for even more advanced security capabilities across Workspace ONE, look no further than Workspace ONE integrations with our ecosystem of mobile security leaders in the VMware Mobile Security Alliance. Workspace ONE integrates with technologies from our Mobile Threat Defense partners, Cloud Access Security Brokers partners and more to further enable comprehensive cybersecurity across mobile devices, apps, networks and cloud services.

Learn more about our end-user computing (EUC) security initiatives at VMworld U.S.andVMworld Europe. If you&#rsquo;re not attending VMworld, you still have time to register!

To learn more about the security capabilities in Workspace ONE, visit vmware.com/workspaceone.

The post Security Update: 8 Advances in End-User Computing from VMware appeared first on VMware End-User Computing Blog.

Is Standardization IT’s Friend or Foe—or Both?

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Is Standardization IT’s Friend or Foe—or Both?
Aug 102017
 

Exploring Part I of the *New* Digital Workspace Story Map

Getting the Digital Workspace Story Map Straight

Here at VMware, we have talked about the digital workspace story for years. But if you put 10 people in a room and ask them what a digital workspace is or how to get there, you will get at least 25 very interesting and very different answers.

The Journey to the Digital Workspace Story Map

Many of us technologists jump right into an architectural discussion or show off a cool demo focusing on self-service access. Others might point to an app catalog. Still others talk about a &#rsquo;virtual workspace,&#rdquo; where their virtual desktop is their &#rsquo;digital workspace.&#rdquo; Of course, they are all wrong and they are all right. This makes discussions about what it takes to create a digital workspace extremely tough.

Recently, a team across VMware—from product managers and marketers to engineers, designers and professional services architects—sat down with some talented artists and storytellers to create a digital workspace &#rsquo;story map.&#rdquo; The goal of the story map was to replace reams of fluffy whitepapers and never-ending slide decks (I get to say that since I am one of those marketing types who create them). We wanted to foster a richly visual dialog about the journey to the digital workspace. No products. No technology. Just the journey itself.

We took these ideas to some of our best customers and partners, and it was amazing to hear the excitement in their voices. They too struggled to articulate their own vision of the digital workspace to colleagues and management. We took their feedback and further refined the story map into the image we are proud to share with you today.

In some ways, I am loathe to annotate the story. Like the MAD magazine cartoons some of us grew up with (sorry if that reference is beyond your years … wait, no, I&#rsquo;m not…) the discovery and the details are half the fun. If you also enjoy a good puzzle, STOP NOW! Take a look at this section of the story map yourself and draw your own conclusions. When you&#rsquo;re ready to proceed, READ ON!

Part 1 of the Digital Workspace Story: Is Standardization IT&#rsquo;s Friend or Foe—or Both?

Standardization is in the DNA of probably anyone in IT, learned from process-oriented organizations. The concept of interchangeable parts popularized by Eli Whitney in the production of guns and cotton gins allowed manufacturers to better specialize labor, reduce production costs and permit better serviceability of increasingly complex machines. It is no surprise that we want to apply the same logic to IT by supplying modern tools of production (namely apps and devices) to today&#rsquo;s workforce.

By waging war on variables, IT is better able to achieve economies of scale.

  • If an organization standardizes on laptops, three standards are better than five.
  • If an organization is looking at office productivity apps, one is better than three.
  • And on and on from there.

From a serviceability perspective, I get it. Why reimage a laptop over the network if I can pop the top, plug a fresh SSD into the slot that I just took off a drive burner and then button it back up?

In the digital workspace story map, we show this idea of standardization with the Beetles and station wagons clogged on the packed highway. Every user should look like either a Beetle or a station wagon; depending on their job role, they get the keys to their car. It might not be the car they would choose, but it&#rsquo;s reliable—or at least IT will be there to fix it with their stash of backup parts.

This does not mean standards are unimportant. It just means the standards we need to care about in 2017 changed. Instead of standardizing on apps and devices or even web browsers, we standardize on APIs and service level agreements (SLAs), which are the new production frameworks for the mobile-cloud world.

Regardless of the standards, culture and policies of nearly every company, executives, line-of-business leaders and rogue-but-well-meaning employees do not want a Beetle or a station wagon. They want different apps and different devices. No matter how much IT wants to support these users, their production line is not equipped, ultimately leading to shadow IT.

Keeping with the transportation theme, it is no accident that IT is out fixing the &#rsquo;IT budget&#rdquo; potholes in the road. Under the weight of our legacy systems and continued focus on devices as assets, an increasing portion of our shrinking budgets continue to be spent on keeping the road open and drivable.

We believe the status quo is unsustainable.

Application growth, device advancements driven by consumer technologies and the ever-increasing expectations of both users and line-of-business leaders will cause traffic jams an emergency pothole crew cannot clear. Like many modern transportation systems, building a bigger road or a new bridge is not enough. We must think differently about how to move people from one place to another … and where those people are going.

That sets the stage for where many of us our today. In the next blog, we will talk about the transition to a digital workspace, the IT initiatives laying the groundwork for next-generation infrastructure and how organizations can plan for transformative change.

See the Digital Workspace Vision for Yourself—Live & In Technicolor

Thinking about heading to VMworld? VMworld is now the leading-industry event for End-User Computing (EUC) with nearly 100 dedicated sessions and a must-see showcase keynote specifically about the digital workspace. If you have not registered yet, there is no time like the present! Click here to get started.

Already registered for VMworld U.S.? Here&#rsquo;s your Vegas to-do list:

  • Click here to dive into the &#rsquo;empower the digital workspace&#rdquo; session catalog.
  • Click here to claim your seat to the digital workspace showcase keynote. Hurry! Seats are selling out fast!
  • Click here to see the four EUC sessions all VMworld attendees should join.

Joining us in Barcelona? Here are the links to the top digital workspace content at VMworld Europe:

  • Digital workspace session catalog.
  • Digital workspace showcase keynote.

Hear first hand how leading companies empower the digital workspace for transformation during VMworld. Register for the EUC Showcase keynote to hear their stories, dive into brand new innovations and much more. Seats are going fast, so register today!

The post Is Standardization IT&#rsquo;s Friend or Foe—or Both? appeared first on VMware End-User Computing Blog.

Driving Security Transformation: the Virtual Network Assessment

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Driving Security Transformation: the Virtual Network Assessment
Aug 042017
 

&#rsquo;A journey of a thousand miles must begin with a single step&#rdquo; – Lao Tzu

As a trusted partner, helping our customers to modernize their IT security infrastructure can feel like the proverbial journey of a thousand miles. Most traditional IT security architectures are ill equipped to handle the persistent and creative nature of today&#rsquo;s cyber security threats. The dynamic and very public nature of these threats have created a booming industry of new entrants into the security market. The result has been an expansion of opportunity for security-minded partners, but also a challenge in determining how to lead customers down a trusted path for security solutions. Some estimates have customers using an average of 70 or more security solutions in their current IT environments. At the same time, there is a growing need for a transformation in how we build, manage, and secure IT infrastructure. Traditional perimeter-based security models are ineffective, as proven by a steady stream of newsworthy hacks and data breaches.

In this expanding and complex cybersecurity landscape, where do we start? It can be overwhelming to keep up with the rapid pace of change in cybersecurity threats, and even more so in staying educated about the innovative solutions available to protect our customers. As Lao Tzu noted its starts with a single step. At VMware, we believe the first step is gaining visibility to the current state of traffic moving across our customers&#rsquo; virtual and physical infrastructure. Today, an average of 80% of security budgets are spent on data center perimeter security and monitoring tools such as firewalls. At the same time, 80% of network traffic actually takes place within the four walls of our customers&#rsquo; data centers. Fundamentally, this means our customers have visibility to 20% of what is taking place in their network at a given time. Before suggesting point products to patch against the latest threat, let us take time to gain visibility into our customers&#rsquo; networks, and make informed architectural recommendations.

Enter the Virtual Network Assessment (VNA) with VMware. A VNA utilizing a VMware tool called vRealize Network Insight helps our partners to provide their customers a holistic view of the traffic in their data center across the virtual and physical domains. Help your customers define how much traffic exists between VM&#rsquo;s, applications, VLANs, and VXLANs. Identify threat planes across physical networks, virtual domains, cloud, and mobile environments. Ultimately, a VNA will provide the intelligence and visibility necessary to map an executable journey to a more secure IT infrastructure. A VNA takes about one week, and installs remotely in under an hour.

The thousand-mile journey of transforming IT security architectures to combat the ever-expanding nature of cyber security threats can be daunting. Whether considering a mobile security strategy, securing next-generation cloud applications, or a micro-segmentation project, let VMware help you and your customers with a simple first step. Check out the Partner Virtual Network Assessment today and do not miss exciting sessions at Partner Exchange in Las Vegas including:

  • NSX Assessment-Led Selling
  • NSX Value Selling

Also make sure to stop by the SDDC Assessment Lounge at the Four Seasons Hotel to learn how VMware assessments can help you win more business. The lounge is located in the Desert Willow Room on Sunday, August 27, 1PM – 5PM, and Monday and Tuesday, August 28 and 29, 11AM – 5PM.

 

The post Driving Security Transformation: the Virtual Network Assessment appeared first on Power of Partnership.

Driving Security Transformation: the Virtual Network Assessment

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Driving Security Transformation: the Virtual Network Assessment
Aug 042017
 

&#rsquo;A journey of a thousand miles must begin with a single step&#rdquo; – Lao Tzu

As a trusted partner, helping our customers to modernize their IT security infrastructure can feel like the proverbial journey of a thousand miles. Most traditional IT security architectures are ill equipped to handle the persistent and creative nature of today&#rsquo;s cyber security threats. The dynamic and very public nature of these threats have created a booming industry of new entrants into the security market. The result has been an expansion of opportunity for security-minded partners, but also a challenge in determining how to lead customers down a trusted path for security solutions. Some estimates have customers using an average of 70 or more security solutions in their current IT environments. At the same time, there is a growing need for a transformation in how we build, manage, and secure IT infrastructure. Traditional perimeter-based security models are ineffective, as proven by a steady stream of newsworthy hacks and data breaches.

In this expanding and complex cybersecurity landscape, where do we start? It can be overwhelming to keep up with the rapid pace of change in cybersecurity threats, and even more so in staying educated about the innovative solutions available to protect our customers. As Lao Tzu noted its starts with a single step. At VMware, we believe the first step is gaining visibility to the current state of traffic moving across our customers&#rsquo; virtual and physical infrastructure. Today, an average of 80% of security budgets are spent on data center perimeter security and monitoring tools such as firewalls. At the same time, 80% of network traffic actually takes place within the four walls of our customers&#rsquo; data centers. Fundamentally, this means our customers have visibility to 20% of what is taking place in their network at a given time. Before suggesting point products to patch against the latest threat, let us take time to gain visibility into our customers&#rsquo; networks, and make informed architectural recommendations.

Enter the Virtual Network Assessment (VNA) with VMware. A VNA utilizing a VMware tool called vRealize Network Insight helps our partners to provide their customers a holistic view of the traffic in their data center across the virtual and physical domains. Help your customers define how much traffic exists between VM&#rsquo;s, applications, VLANs, and VXLANs. Identify threat planes across physical networks, virtual domains, cloud, and mobile environments. Ultimately, a VNA will provide the intelligence and visibility necessary to map an executable journey to a more secure IT infrastructure. A VNA takes about one week, and installs remotely in under an hour.

The thousand-mile journey of transforming IT security architectures to combat the ever-expanding nature of cyber security threats can be daunting. Whether considering a mobile security strategy, securing next-generation cloud applications, or a micro-segmentation project, let VMware help you and your customers with a simple first step. Check out the Partner Virtual Network Assessment today and do not miss exciting sessions at Partner Exchange in Las Vegas including:

  • NSX Assessment-Led Selling
  • NSX Value Selling

Also make sure to stop by the SDDC Assessment Lounge at the Four Seasons Hotel to learn how VMware assessments can help you win more business. The lounge is located in the Desert Willow Room on Sunday, August 27, 1PM – 5PM, and Monday and Tuesday, August 28 and 29, 11AM – 5PM.

 

The post Driving Security Transformation: the Virtual Network Assessment appeared first on Power of Partnership.

Hurry! Our 10 Most Popular EUC Sessions @ VMworld Are Filling Up Fast!

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Hurry! Our 10 Most Popular EUC Sessions @ VMworld Are Filling Up Fast!
Aug 032017
 

We&#rsquo;re less than one month away from VMworld. And with thousands already registered for what promises to be the biggest end-user computing (EUC) event of the year, space is nearly gone in our top sessions.

From an action-packed EUC spotlight keynote to immersive hands-on labs, VMworld promises to be the one EUC event you can&#rsquo;t afford to miss. Join us at VMworld. Get started here.

We have nearly 100 sessions dedicated to all things digital workspace, virtual desktops, enterprise apps, mobility, Windows 10, cloud and security. Our technical experts are ready to deliver immersive demo and lab experiences that will make you the hands-down expert in your company. Finally, VMware&#rsquo;s leadership team is unveiling major innovations and partner integrations for our industry-leading products: VMware Horizon, VMware Workspace ONE, VMware AirWatch, VMware App Volumes and so many more.

Already joining us? Here are the top 10 most popular EUC sessions at VMworld you cannot afford to miss:

1. Spotlight Keynote: Delivering New User Experiences with the Digital Workspace

Speakers:

  • Sumit Dhawan, SVP and GM End-User Computing, VMware
  • Shawn Bass, VP and CTO End-User Computing, VMware
  • Noah Wasmer, SVP Mobile Products, VMware

Add to your agenda:

  • VMworld U.S. session EDW7002KU
  • VMworld Europe session EDW7002KE

You cannot miss this spotlight keynote. Seriously, put it on your agenda ASAP! The who&#rsquo;s who in EUC will be on stage to share breaking product news, demo our powerful new technologies and feature the customers breaking the EUC mold at the biggest brands in the world.

On VMworld&#rsquo;s largest stage, you will hear from customers, partners and innovators at VMware who are building on intelligence to transform the way their organizations securely empower the workforce for a better user experience.

Forward-thinking IT leaders will share how they are creating digital workspace strategies to harness the power of new apps, devices and connected things to:

  • Transform business processes;
  • Drive engagement; and
  • Boost productivity for every employee.

Finally, hear breaking product news—and see these groundbreaking innovations in action—before we announce it to the rest of the world.

2. Spotlight Session: Evolution of Endpoint Management within a Digital Workspace

Speakers:

  • Hendrik Harder,Senior Manager Mobile IT,Siemens AG (VMworld U.S.)
  • Brian Link,Sr. Director, UX Strategy & Engineering,Capital One (VMworld U.S.)
  • Jürgen Bodtländer,VP Portfolio – and Partner Management,Deutsche Bahn (VMworld Europe)
  • Roberto Neto,Senior Service Manager Mobile IT,Siemens (VMworld Europe)
  • Noah Wasmer,SVP Mobile Products,VMware

Add to your agenda:

  • VMworld U.S. session UEM3155SU
  • VMworld Europe session UEM3155SE

Meeting user expectations for anywhere, anytime, any-device access is becoming increasingly complex for organizations that continue to live in silos of desktop, mobile, and every other kind of endpoint.

Join Noah Wasmer, Senior Vice President of Mobile Products at VMware, as he shares his perspective on the evolution of endpoint management into a device-agnostic platform enabling a smarter and more secure workspace for the business.

We turn the spotlight on our customers themselves as they share their journeys to radically transform PC management, unify management across desktop to the Internet of things and enable transformative experiences for users and IT.

3. Spotlight Session: Goodbye, VDI 1.0. Hello, VDI 2.0.

Speaker:

  • Shankar Iyer, SVP and GM Desktop Products, VMware

Add to your agenda:

  • VMworld U.S. session ADV3156SU
  • VMworld Europe session ADV3156SE

The digital workspace is about providing intuitive and secure access to all apps, including mobile, web, software-as-a-service and Windows apps. But supporting these Windows apps has evolved beyond VDI 1.0. IT organizations are cobbling together a basic solution to provision and broker access. Today, customers need a converged approach that:

  • Takes advantage of consolidated policy and management for contextual access.
  • Ties Windows desktop and app access directly into the digital workspace.
  • Harnesses the power of the software-defined data center.
  • Supports organizations on premises and in the cloud.

Join this session with Shankar Iyer and special guests to find out how VMware is bringing converged VDI and your end-to-end digital workspace to life.

4. TheTransformationofIdentity&AccessManagementin theAgeof theDigitalWorkspace

Speakers:

  • David Schira,Director of Architecture,Western Digital
  • Tony Kueh,Vice President, Product Management,VMware
  • Sridevi Ravuri,Sr. Director, R&D, Workspace ONE,VMware

Add to your agenda:

  • VMworld U.S. session SAAM3157SU

We are in the age of the digital workspace. Your users are clamoring for access to their data and apps from any device, including from personal devices. Your business expects IT to maintain security and eliminate the leakage of any sensitive information. How do you maintain this balance between end-user productivity and security? We believe the industry needs to evolve to focus on controlling access based on a new access control layer.

In this Spotlight Session, the VMware leadership team will discuss how Workspace ONE is built on a powerful access control layer that is dynamic, based on context. This access control layer in Workspace ONE transforms how organizations implement access control without compromising the end-user experience.

5. What&#rsquo;s New in Horizon 7: Technical Deep Dive

Speakers:

  • Tony Huynh, Director Product Management, VMware (VMworld U.S.)
  • John Wilkinson, Senior Consultant, VMware (VMworld Europe)
  • Graeme Gordon, Senior End User Computing Architect, VMware

Add to your agenda:

  • VMworld U.S. session ADV1586BU
  • VMworld Europe session ADV1586BE

Delivering desktop and applications just became even easier with Horizon 7 and the Just-in-Time Management platform. Provision faster and improve your management and how you scale using VMware Instant Clone technology for fast desktop and Remote Desktop Session Host (RDSH) provisioning, VMware App Volumes for real-time application delivery and VMware User Environment Manager for contextual policy management.

This session will give technical details and demos of the latest features and advancements of Horizon 7, including Instant Clones for RDSHs, virtual graphic processing unit (vGPU) support for Instant Clones, anonymous login and more.

6. Building a Multi-Cloud Strategy with Horizon Cloud Service

Speakers:

  • Shikha Mittal, Director of Product Management, VMware (VMworld U.S.)
  • Bharath Rangarajan, VP of Product Marketing, VMware (VMworld Europe)
  • Peter Brown, Director of R&D, VMware

Add to your agenda:

  • VMworld U.S. session ADV1604BU
  • VMworld Europe session ADV1604BE

Organizations are going from asking whether cloud is appropriate to adopting multiple clouds at the same time. They are relying on services from a mixture of private and public clouds depending on business needs and independent cloud strengths.

In this session, we will preview the latest addition to the service where you can now deliver Horizon Cloud on Microsoft Azure. You will learn how you can combine the benefits of remote desktops and applications as-a-service from VMware and the flexibility to choose a public, consumption-based IaaS like Azure, making it easier and more cost-effective to deploy and scale your digital workspace.

7. Digital Workspace & Security Transformation with Workspace ONE & Hybrid Cloud

Speakers:

  • TJ Vatsa, Principal Architect, VMware
  • Shawn Bass, VP & CTO End User Computing, VMware
  • John Drummond, Sr. Director of Information Systems, VMware
  • Aman Garg, Sr. Director, Technical Sales, VMware
  • Prab Kalra, Director, Technical Marketing, VMware

Add to your agenda:

  • VMworld U.S. session LDT3091PU
  • VMworld Europe session LDT3091PE

Follow the footsteps of VMware&#rsquo;s R&D, IT and field CTO ambassadors from the Professional Services (PS) organization to get real-life insight into how mobility and identity use cases can be successfully deployed and scaled on the hybrid cloud via Workspace ONE.

The VMware PS design approach covers the planning, designing, deployment, and measurement process for successful IT and business outcomes. This session is relevant to a variety of industry verticals, including but not limited to financial, healthcare, education, point-of-sale, services, high-tech, manufacturing, hospitality and others.

8. How Customers Overcame Challenges & Seized Opportunity with Windows 10

Speakers:

  • Cliff DuPuy, EdS, Technical Services Director, Mecklenburg County
  • Mark Dunkerley, Technology Manager, The Coca-Cola Company (Bottling Investments Group)
  • Ryan Kremkau, Director of Innovation/Strategy, Capital One
  • Mark Margevicius, Director of EUC Strategy and Chief Customer Advocate, VMware

Add to your agenda:

  • VMworld U.S. session UEM1797PU

According to Microsoft, more than 96% of customers are in a POC for Windows 10, but many struggle with how to move from POC to production. In this session, you will hear from customers who have successfully migrated to Windows 10 and support a variety of use cases, including branch office, remote worker, and line-of-business scenarios.

The customer panel will discuss challenges and pitfalls to avoid in migrating to Windows 10, the benefits of moving to the new OS and the value created from migrating to a modern management approach with AirWatch.

9. Ask the Experts: How to Enable Secure Access from Personal/BYO Devices & All Types of Users with Workspace ONE

Speakers:

  • Vikas Jain, Director, Product Management, Workspace ONE, VMware
  • Prab Kalra, Director, Technical Marketing, VMware

Add to your agenda:

  • VMworld U.S. session SAAM1684GU

More than ever before, you have a broad range of device types and users that want to access corporate resources. This includes employees, contractors, and contingent staff who need access, and oftentimes they want access from personal/BYO devices. How do you enable secure access without impacting end-user productivity?

This group discussion will feature experts who will walk you through security and access capabilities in Workspace ONE to ensure IT has the tools they need to protect corporate resources, regardless of the type of user or device.

10. An Insider&#rsquo;s View into Windows 10 Management with AirWatch: Technical Deep Dive

Speakers:

  • Jason Roszak, Product Manager, VMware (VMworld U.S.)
  • Gareth Kitson, Senior Systems Engineer, VMware (VMworld Europe)
  • Alexander Bruns, Digital Workplace Services & Solutions, DB Systel GmbH (VMworld Europe)

Add to your agenda:

  • VMworld U.S. session UEM1745BU
  • VMworld Europe session UEM1745BE

Traditional approaches to Windows management are expensive, complex for IT organizations, and restrictive for users. Windows 10 changes what’s possible for users, IT departments and businesses, including how devices can be managed with a modern mobile device management APIs, how updates occur and more.

We will provide a technical deep dive into some of the many changes and enhancements that have been added to Windows 10, such as enrollment, application delivery and patch management. In addition, we will compare traditional PC lifecycle management solutions to managing a Windows 10 computer using AirWatch and the resulting lower costs, greater security and improved end-user experience.

Bonus Session: Empowered Users & Rapid Returns: Lessons from the Digital Workspace

Learn more about VMware’s innovative digital workspace platform, VMware Workspace ONE.

Speaker:

  • Brian Gammage,Chief Market Technologist,VMware

Add to your agenda:

  • VMworld U.S. session UEM1404BU
  • VMworld Europe session UEM1404BE

The digital workspace redefines the user experience as centered around the person, rather than the things they use. It enables a fundamental transformation of the relationship between IT and users, from push-based control to demand-based choice. Access to corporate applications and data can be combined seamlessly with the user&#rsquo;s personal environment, without compromise to enterprise security or user privacy. Successful deployments deliver improved employee engagement and a significant return on investment.

In this session, we share lessons learned from our customers and offer a firsthand look at VMware&#rsquo;s own journey to the digital workspace.

Haven&#rsquo;t registered yet? Secure your spot in the top 10 popular EUC sessions today! Click here to start.

Because you liked this blog:

  • Add These 4 EUC Sessions to Your VMworld U.S. 2017 Agenda
  • New @ VMworld: Industry Workshops & Showcase for Financial Services, Healthcare, Government & Retail
  • Here&#rsquo;s What EUC Experts Can Expect at VMworld 2017

The post Hurry! Our 10 Most Popular EUC Sessions @ VMworld Are Filling Up Fast! appeared first on VMware End-User Computing Blog.

Aug 032017
 

I am pleased to announce the release of a brand new technical resource center called vSphere Central. This site brings together a variety of technical assets from VMware that helps users understand how vSphere works, how to implement various features, plan upgrades, and more. With content in a range of formats, including text, video, and rich media tools such as walkthrough demos, the goal is to be a one-stop shop for original and curated technical content on vSphere.

A highlight of the site in this first release is thevSphere 6.5 Topology and Upgrade Planning Tool. I encourage you to read more about this tool if you are planning to upgrade to vSphere 6.5 (and if you haven’t already, it’s the perfect time now that vSphere 6.5 Update 1 has been released).

We plan to add more content to this site over time, so please make sure to bookmark vspherecentral.vmware.com, and let us know what you’d like to see.

The post Welcome to vSphere Central! appeared first on VMware vSphere Blog.

I AM…all about transforming security

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für I AM…all about transforming security
Aug 012017
 

From 11 to 14 September 2017 VMworld Europe will be a trending topic. And not only in Barcelona. This year&#rsquo;s VMworld 2017 Europe has been designed for you and your peers. Agood preparation is half the work, so this year the content catalog is also available on time online.

Transform your security

In another blog we told you which program components you really should not miss if you want to know everything about digitizing your workspaces. However, when it comes to transforming the security within your organization, there is a lot to discover during VMworld 2017 Europe.

Looking for an introduction about transforming your security?
Do you find it difficult to determine where to start the transformation of security? Take a look at the spotlight session ‘Use Virtualization to Secure Application Infrastructure‘ [SAI3237SE]. After this spotlight session, the question is no longer “How do I protect the cloud?” but”How can I use the unique features of the cloud to transform security?”

Do you already have some security skills?
Are you looking for a session that gives your more than a first introduction? Don&#rsquo;t miss the following break-out sessions:

  • Security Policy Creation [SAI1384BE]
  • Deploying Security in a Brownfield Environment [SAI2371BE]
  • How VMware IT Is Securing Applications Using Micro-Segmentation And Third-Party Integrations With NSX [SAI2325BE]

For technical advanced people
Have you been involved for some time in the process of transforming the security within your organization and are you looking for more (technical) information? Make sure you don&#rsquo;t miss the group discussion “Designing Multilayered Security in the Software-Defined Data Center Using VMware vSphere 6.5.0a and VMware NSX 6.3” [SAI1414GE]. You will learn how a VMware vSphere and VMware NSX design can prevent an attack and protect the integrity of your information and organization.

Here&#rsquo;s another recommendation: the break-out session “Securing your VMware Horizon Virtualized Apps and Desktop Investments with NSX [SIE2034BE]”, creating a deep dive in the design and architecture nuances that are part of a successful micro-segmentation and network virtualization design within a virtual desktop infrastructure.

Business focus on security transformation
Do you look at security from a business perspective? Then join to the panel discussion “Data Privacy, the GDPR, and the Globalization of Compliance [GRC3109PE]” about all the opportunities and pitfalls.

Or follow the break-out session “Why VMware Might Just Be Your Most Important IT Security Company [SIE2709BE]” Focusing on why VMware technology is crucial for your organization to provide protection from the inside and effectively transform the security.

Register today and discover everything about transforming your security!
Book your ticket for VMworld 2017 Europe here!

Easy as 9.1.1-2-3: VMware AirWatch EMM Feature Pack Review

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Easy as 9.1.1-2-3: VMware AirWatch EMM Feature Pack Review
Jul 312017
 

Use the VMware AirWatch EMM feature pack review to learn about the added features added and bug fixes in the latest releases of the AirWatch Console.

VMware AirWatch EMM Feature Pack v9.1.3

Check out the latest features in theVMware AirWatch EMM Feature Pack v9.1.3 release!

New!Deploy Custom Bootstrap Packages for macOS

VMware AirWatch EMM Feature Packv9.1.2

The post Easy as 9.1.1-2-3: VMware AirWatch EMM Feature Pack Review appeared first on VMware End-User Computing Blog.

Transforming Security: Addressing Customer Challenges

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Transforming Security: Addressing Customer Challenges
Jul 272017
 

 

Your customers face security threats everywhere, every day. What can you do as a partner to help address the challenges customers face with transforming IT security?

Penton media recently sat down with Chris Campbell, Director of Product Marketing at VMware to talk about just this topic.

Listen to the FastChat and find out how you can help customers drive security transformation as Chris expands on:

  • The biggest customer challenges around security today
  • Why security interactions among silos is increasingly complex for customers
  • Simplifying security
  • What customers can expect by implementing a VMware security portfolio

VMware Partners – review our latest Transform Security campaign available via Partner Demand Center.

VMware is excited to further our partner&#rsquo;s success in driving security transformation for customers.

The post Transforming Security: Addressing Customer Challenges appeared first on Power of Partnership.

Learn about vSphere 6.5 at VMworld

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Learn about vSphere 6.5 at VMworld
Jul 262017
 

Ever since VMware released vSphere 6.5 late last year, the response from customers has been overwhelming positive. Customers have been especially excited by features such as enterprise-grade vCenter Server Appliance (VCSA), built-in encryption features, and a modern API set. Now that people have learned about these new capabilities, we decided for this year’s VMworld to present breakout sessions that focus more on the operation aspects of vSphere 6.5, such as architecture, deployment, and planning your upgrade. Of course, we still have a wide range of sessions covering such staple topics such as performance, troubleshooting, operations management, the new HTML5-based vSphere Client, PowerCLI, and more.

To help you plan your VMworld, we’ve put together a page that organizes all vSphere related sessions into topic areas and orders them by technical level. By consulting the VMworld 2017 vSphere course catalog, you’ll be able to find the sessions that are of interest to you and add them to your schedule. The list also includes Group Discussions, which are a great way to learn how your peers are using vSphere and provide feedback directly to product developers. We’ve also include both VMworld US and VMworld Europe sessions in the same list.

For quick reference, you can find this catalog at blogs.vmware.com/vsphere/vmworld.

We look forward to seeing you, whether in Las Vegas or Barcelona!

The post Learn about vSphere 6.5 at VMworld appeared first on VMware vSphere Blog.

Learn about vSphere 6.5 at VMworld

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Learn about vSphere 6.5 at VMworld
Jul 262017
 

Ever since VMware released vSphere 6.5 late last year, the response from customers has been overwhelming positive. Customers have been especially excited by features such as enterprise-grade vCenter Server Appliance (VCSA), built-in encryption features, and a modern API set. Now that people have learned about these new capabilities, we decided for this year’s VMworld to present breakout sessions that focus more on the operation aspects of vSphere 6.5, such as architecture, deployment, and planning your upgrade. Of course, we still have a wide range of sessions covering such staple topics such as performance, troubleshooting, operations management, the new HTML5-based vSphere Client, PowerCLI, and more.

To help you plan your VMworld, we’ve put together a page that organizes all vSphere related sessions into topic areas and orders them by technical level. By consulting the VMworld 2017 vSphere course catalog, you’ll be able to find the sessions that are of interest to you and add them to your schedule. The list also includes Group Discussions, which are a great way to learn how your peers are using vSphere and provide feedback directly to product developers. We’ve also include both VMworld US and VMworld Europe sessions in the same list.

For quick reference, you can find this catalog at blogs.vmware.com/vsphere/vmworld.

We look forward to seeing you, whether in Las Vegas or Barcelona!

The post Learn about vSphere 6.5 at VMworld appeared first on VMware vSphere Blog.

Using the vCenter Login Banner for RSA SecurID support

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Using the vCenter Login Banner for RSA SecurID support
Jul 192017
 

In vSphere 6.0 Update 2 we added the capability to use RSA SecurID for two-factor authentication (2FA) in to the web client (only). I wrote about that in a two part blog series. Part 1 and Part 2

I recently got an email from a customer asking me about the implementation of the RSA SecurID Agent in vSphere and that prompted this blog.

The initial inquiry was around SecurID PIN resets and the customer asked: “It seems like vSphere doesn’t support PIN resets. How can I help my folks who are logging in to vCenter if their PIN is expired?”

In this blog I’ll show you how editing the Login Banner can help you get your users to the right page to reset their RSA SecurID PIN.

RSA Authentication Agents Overview

In general terms, the component that speaks to the RSA Authentication Manager on the object you are protecting is called an RSA Authentication Agent. This comes in a number of forms. RSA supplies their own agent software for popular web servers and applications. They also provide Agent libraries for 3rd parties like VMware to integrate into their own solutions, like vCenter or VMware Horizon View.

If you install RSA’s web agents on Apache or IIS, it comes pre-loaded with a bunch of pages that manage PIN expiration and resetting. If you log in to a website protected by SecurID and your PIN has expired, it will lead you through a workflow to reset the PIN. See the example below:

vCenter/PSC Integration

The RSA SecurID agent that is integrated into the Platform Services Controller component of vCenter does not support PIN resets. This is not unusual. I used to work at RSA and have seen a large number of 3rd party solutions leverage the RSA SDK’s and don’t support these workflows. There are many reasons but mostly because of the management of additional testing required and that many customers use the RSA Self Service Console to centrally manage PIN resets.

Embedded or External PSC configurations

Configuration of the Login Banner is done not on the vCenter server but on the Platform Services Controller (PSC). In vSphere you can run a PSC as an embedded component of a vCenter Server Appliance (VCSA) or as a external virtual appliance. See Adam’s great breakdown on PSC topology here. If you are running an embedded PSC with your vCenter then you would log in to https://[vCenter]/PSC to make the changes.

If you are running external PSC’s you only need to make the change on one PSC. All changes to the banner will be replicated to other PSC in the SSO domain. This is different from configuring RSA SecurID as I called out in my RSA SecurID for vCenter blog series (Part 1 & Part 2). There you have to configure SecurID on all PSC’s so that any of those PSC’s can service the RSA authentication.

What if my PIN is expired?

If your PIN is expired and in need of reset then when you attempt to log in to vCenter/PSC you will get a failed login prompt. You’ll also be notified that your pin is expired with a notification that says “Please acquire a new pin” That’s expected behavior for any RSA Authentication agent. But where does the user go to reset that PIN? How can I at least direct people to the correct resource for resetting their RSA SecurID PIN?

Login Banner

As I mentioned above, I’m going to use the Login Banner to point people at the RSA Self Service Console for their PIN resets. The Login Banner was introduced (along with RSA SecurID support) in vSphere 6.0 U2. It has a number of options such as “Click for explicit consent”, a title and a message. When displayed on the login page the title is prepended by the words “I agree to“.

You would typically add in the title field “Terms and Conditions” or something similar so that the full sentence “I agree to Terms and Conditions” would be displayed. The words “Terms and Conditions” would then be a hyperlink to the “Messages” dialog box where you can put in additional information.

What I put in my title field was “Terms and Conditions. Click here if you are having RSA SecurID Login issues“.

Now the login box looks like this:

RSA Self Service Console

To get the end user to the RSA Self Service Console, I created a message similar to:

If you have login issues with RSA SecurID, please check that your PIN has not expired. Go to https://rsaselfservice.<company>.com

The hyperlink in the message isn’t active. I’m going to hazard a guess that it’s a security thing! The user logging in to vCenter can just copy/paste the link and open it in another browser tab/window. Here’s what the window looks like this.

I mentioned the RSA Self Service Console. That login process looks like this:

Wrap Up

So, to close this out, we’ve learned a couple of new things.

  1. When your PIN is expired you’ll be notified (I believe this is a change in 6.5)
  2. The Login Banner can be used to help point people at useful information

I hope this was useful information. If you have suggestions on other blog articles or feedback, just send me email at mfoley at vmware or via Twitter to @vspheresecurity or @mikefoley

Thanks for reading!

mike

The post Using the vCenter Login Banner for RSA SecurID support appeared first on VMware vSphere Blog.

Using the vCenter Login Banner for RSA SecurID support

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Using the vCenter Login Banner for RSA SecurID support
Jul 192017
 

In vSphere 6.0 Update 2 we added the capability to use RSA SecurID for two-factor authentication (2FA) in to the web client (only). I wrote about that in a two part blog series. Part 1 and Part 2

I recently got an email from a customer asking me about the implementation of the RSA SecurID Agent in vSphere and that prompted this blog.

The initial inquiry was around SecurID PIN resets and the customer asked: “It seems like vSphere doesn’t support PIN resets. How can I help my folks who are logging in to vCenter if their PIN is expired?”

In this blog I’ll show you how editing the Login Banner can help you get your users to the right page to reset their RSA SecurID PIN.

RSA Authentication Agents Overview

In general terms, the component that speaks to the RSA Authentication Manager on the object you are protecting is called an RSA Authentication Agent. This comes in a number of forms. RSA supplies their own agent software for popular web servers and applications. They also provide Agent libraries for 3rd parties like VMware to integrate into their own solutions, like vCenter or VMware Horizon View.

If you install RSA’s web agents on Apache or IIS, it comes pre-loaded with a bunch of pages that manage PIN expiration and resetting. If you log in to a website protected by SecurID and your PIN has expired, it will lead you through a workflow to reset the PIN. See the example below:

vCenter/PSC Integration

The RSA SecurID agent that is integrated into the Platform Services Controller component of vCenter does not support PIN resets. This is not unusual. I used to work at RSA and have seen a large number of 3rd party solutions leverage the RSA SDK’s and don’t support these workflows. There are many reasons but mostly because of the management of additional testing required and that many customers use the RSA Self Service Console to centrally manage PIN resets.

Embedded or External PSC configurations

Configuration of the Login Banner is done not on the vCenter server but on the Platform Services Controller (PSC). In vSphere you can run a PSC as an embedded component of a vCenter Server Appliance (VCSA) or as a external virtual appliance. See Adam’s great breakdown on PSC topology here. If you are running an embedded PSC with your vCenter then you would log in to https://[vCenter]/PSC to make the changes.

If you are running external PSC’s you only need to make the change on one PSC. All changes to the banner will be replicated to other PSC in the SSO domain. This is different from configuring RSA SecurID as I called out in my RSA SecurID for vCenter blog series (Part 1 & Part 2). There you have to configure SecurID on all PSC’s so that any of those PSC’s can service the RSA authentication.

What if my PIN is expired?

If your PIN is expired and in need of reset then when you attempt to log in to vCenter/PSC you will get a failed login prompt. You’ll also be notified that your pin is expired with a notification that says “Please acquire a new pin” That’s expected behavior for any RSA Authentication agent. But where does the user go to reset that PIN? How can I at least direct people to the correct resource for resetting their RSA SecurID PIN?

Login Banner

As I mentioned above, I’m going to use the Login Banner to point people at the RSA Self Service Console for their PIN resets. The Login Banner was introduced (along with RSA SecurID support) in vSphere 6.0 U2. It has a number of options such as “Click for explicit consent”, a title and a message. When displayed on the login page the title is prepended by the words “I agree to“.

You would typically add in the title field “Terms and Conditions” or something similar so that the full sentence “I agree to Terms and Conditions” would be displayed. The words “Terms and Conditions” would then be a hyperlink to the “Messages” dialog box where you can put in additional information.

What I put in my title field was “Terms and Conditions. Click here if you are having RSA SecurID Login issues“.

Now the login box looks like this:

RSA Self Service Console

To get the end user to the RSA Self Service Console, I created a message similar to:

If you have login issues with RSA SecurID, please check that your PIN has not expired. Go to https://rsaselfservice.<company>.com

The hyperlink in the message isn’t active. I’m going to hazard a guess that it’s a security thing! The user logging in to vCenter can just copy/paste the link and open it in another browser tab/window. Here’s what the window looks like this.

I mentioned the RSA Self Service Console. That login process looks like this:

Wrap Up

So, to close this out, we’ve learned a couple of new things.

  1. When your PIN is expired you’ll be notified (I believe this is a change in 6.5)
  2. The Login Banner can be used to help point people at useful information

I hope this was useful information. If you have suggestions on other blog articles or feedback, just send me email at mfoley at vmware or via Twitter to @vspheresecurity or @mikefoley

Thanks for reading!

mike

The post Using the vCenter Login Banner for RSA SecurID support appeared first on VMware vSphere Blog.

Transforming IT Security in Three Key Steps

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Transforming IT Security in Three Key Steps
Jul 192017
 

Several years ago, the CEO of a Fortune 100 company remarked: &#rsquo;If you went to bed last night as an industrial company, you&#rsquo;re going to wake up this morning as a software and analytics company.&#rdquo;

Today, these words are more true than ever—but so is the reality that the digital transformation in business has also given rise to significant changes across the IT landscape and, in turn, significant new challenges for IT security.

As people, devices, and objects become more connected, protecting all these connections and environments has become a top priority for many IT organizations. At the same time, it&#rsquo;s also become one of their biggest challenges. Securing each and every interaction between users, applications, and data is no easy feat—especially when you consider that securing these interactions needs to be done across environments that are constantly changing and increasingly dynamic.

So how do you mitigate risk in a world where IT complexity and &#rsquo;anytime, anywhere&#rdquo; digital interactions are growing exponentially? For organizations that are embracing cloud and virtualized environments, three common-sense steps—enabled by a ubiquitous software layer across the application infrastructure and endpoints that exists independently of the underlying physical infrastructure—are proving to be key for providing the visibility and control needed to maximize security across modern IT environments.

  • Secure the application infrastructure

While traditional data center security can provide adequate protection at the perimeter, it is not designed to provide sufficient visibility and control inside the data center. Virtualizing the application infrastructure, and compartmentalizing applications via network micro-segmentation, can help provide the protection needed against today&#rsquo;s increasingly sophisticated attacks.

  • Secure identity and endpoints

As mobility, BYOD, and IoT initiatives proliferate, so too does the complexity of managing an ever-widening variety of devices. Virtualization can help verify user identity and device posture, providing true visibility and control that extend into the data center or cloud, where the application infrastructure resides.

  • Streamline compliance

Managing risk and maintaining compliance are major challenges, made even more difficult as organizations make the transition from on-premises data centers to cloud. Virtualization helps enable a more holistic approach to meeting compliance demands by providing an ideal location to implement controls and gain visibility.

Of course, this is just a brief overview of how a purposeful software layer that spans from infrastructure to endpoint can help transform IT security for today&#rsquo;s organizations. For a more detailed discussion, please read the VMware solution overview entitled, &#rsquo;Three Key Steps to Transforming IT Security.&#rdquo;

Learn more about Transform Security here.

Join Us Online

  • Twitter: com/vmware
  • Facebook: www.facebook.com/vmware

 

The post Transforming IT Security in Three Key Steps appeared first on Network Virtualization.

Networking Challenges in OpenStack Clouds

 Allgemein, Cloud, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für Networking Challenges in OpenStack Clouds
Jul 132017
 

Did you decided that is time to implement OpenStack to build your Cloud? Have you tested in the lab? Evaluated many distributions available and hired specialized OpenStack resources? However, when the environment goes into production, Neutron is not integrating with the physical network?

If the above story closely resembles what you have faced, this post will unconceal the many challenges of Networking with any OpenStack distribution and how VMware NSX is the missing piece for your Cloud.

Networking and Security Challenges with OpenStack

Since its creation, the biggest challenges of OpenStack Clouds implementations are automation, integration and orchestration of the required networking and security components at the physical infrastructure layer. The main difficulty is that these environments are extremely heterogeneous and most of the devices do not have an open and programmable interface for configuration and, thus, the initial way of running OpenStack was to pre-provisioning the network manually and only use basics functionalities when implementing security services.

With the rise of Network Virtualization solutions and evolution of Open vSwitch, some of these challenges were solved, making it possible to create an abstraction layer from the physical elements of infrastructure and automate the virtual network through the programmable interface of Network Virtualization solutions.

However, the Neutron project (responsible for managing all OpenStack Cloud Security and Network services) has been undergoing constant modifications, especially regarding the need for more advanced functionalities, such as dynamic routing, VPN , firewall functionality and others. With those constant changes, maturity, consistency and resilience were eventually undermined.

If you are interested in how VMware is currently contributing to OpenStack community, please read Scott Lowe‘s post – Making OpenStack Neutron Better for Everyone – on our VMware OpenStack Blog.

The table below, extracted from the 2017 OpenStack Foundation User Survey, exemplifies which features of Neutron that are being used the most or currently required in the majority of OpenStack Clouds.

Growth without planning has brought major challenges to the Neutron project. What is most debated today is whether the architecture of this project needs to be reworked, in order to simplify its use and improve its integration with Network Virtualization Solutions.

VMware NSX Integration with OpenStack

Few companies today are using OpenStack in production without a networkvirtualization platform, and those that are not, usually face major challenges like the ones mentioned above.

The benefits that VMware NSX brings to Neutron can be listed below:

  • Agility: Create Networks at the same speed as the applications;
  • Mobility: Provision and mobility of instances;
  • Security: Micro-segmentation and chaining of partner services for advanced features;
  • Multi-tenant: Possibility of using shared infrastructure among multiple tenants;
  • Simplified Operations: Centralized control and single monitoring;

As mentioned, the challenges with Neutron can be addressed with NSX as follows:

  • Simplified implementation of Neutron services;
  • Stability, scalability and high availability;
  • Continuous development of new functionalities;
  • Higher performance due to distributed NSX architecture;
  • Management, Day 2 Operations, and native Troubleshooting Tools in NSX;

To perform integration with Neutron, VMware NSX has an open plugin available on the GitHub page that can be used by any OpenStack distribution or implementation.

This plugin translates the Neutron APIs calls into NSX APIs calls at the NSX Manager and thus builds the network and security services. The figure below exemplifies and shows an example of what can be deployed using this approach:

VMware NSX supports OpenStack environments regardless of the underlying hypervisors and has plug-ins available for any OpenStack distribution to use its benefits.

Meet some of our customers who are benefiting not only from NSX, but also from VMware Integrated OpenStack at the links below:

  • HedgeServ – https://youtu.be/NFcIa314X5k
  • Rakuten – https://youtu.be/11ew7zEPOso
  • Charter – https://youtu.be/mw6fdkpvzoY
  • Amadeus – https://youtu.be/HmdqPDK-cLY
  • IBM – https://youtu.be/4a3EeROQTxI

On the Road

If you would like to understand more about this topic, I will be delivering sessions regarding Networking and Security Challenges in the following events:

VMworld’17 – Las Vegas – USA

August 27 – 31, 2017

Mandalay Bay Hotel & Convention Center
3950 S Las Vegas Blvd
Las Vegas, NV – 89119 – USA

My session will be Tuesday, 29th August at 4pm.

To know more about VMworld’17 click here.

OpenStack Day 2017 – São Paulo – Brazil

Saturday, July 15, 2017, 08:30 a.m. to 8:00 p.m.

Gamaro Theater
Doctor Almeida Lima, 1176 Mooca
São Paulo, SP – 03164-000 – Brazil

My session will be at 2:40pm at the main stage.

To know more about OpenStack Day São Paulo click here.

If you have the opportunity to be in any of these events, don’t hesitate to reach me!

I hope you have enjoyed this post and contact me if you have any questions.

 

The post Networking Challenges in OpenStack Clouds appeared first on Network Virtualization.