Friday 15 September 2017

VMworld Europe 2017 - General Session Keynote

I attended my second VMworld this year, which you may find odd as I rarely blog about virtualisation or VMware.  VMware is changing and security is now more apparent in the solutions and roadmap.  

On Tuesday 12th September, we had a General Session Keynote from Pat Gelsinger - VMware CEO.

The VMware vision was similar to the previous year, but there are new partnerships with telcos, moving the telco networks closer to cloud, as well as the growth of IoT.

Gelsinger talked about the mix of devices, applications, and platforms causing the core challenge.  There needs to be anywhere access for people to the applications, but it's complicated.  There is a mass of devices, applications, services and security.

He is only reiterating the challenges securities have been facing for a number of years, with the increase in Shadow IT, less complimentary but highly connected applications, and uncertainty of any associated security.

Workspace One is the solution, grown from AirWatch to supporting iOS, to work with many more operating systems, including Google Chrome.  

MDM (Mobile Device Management) solutions have had to grow into EMM (Enterprise Mobility Management) solutions, w here it's no longer just the management of the device, but also the applications, the content, the availability and in my world, the identity and security.

Gelsinger moved to security, highlighting the target has moved form just applications and data, to user infrastructure, including users and devices, but also cloud infrastructure of the network and compute, as these are seemingly under the control of the security team.

The gasps when some of the audience was shocked with this slide, where the security guys have been working with and understanding a number of different areas.  Security people know that security spend is increasing, but the cost of breaches are increasing even quicker.  As Gelsinger says, "your spending more and falling further behind", "something is broken" and "we the tech industry have failed you the customers".  "We need a new approach"

There needs to be move from infrastructure to secure infrastructure.  Security needs to be built in, not an after thought, as I have been saying for a number of years.  There needs to be an integrated ecosystem, leveraging quality solutions and products, where you do not excel.  All of this with cyber hygiene regime. 

I'm glad that a tech giant like VMware is embracing cyber security and embracing the areas, I believe are the most important.  The pillars of cyber hygiene are important for every environment.  

Least Privilege, Micro-segmentation, Encryption, Multi-Factor Authentication and Patching, have been evangelised by security experts for a number of years.  So great to these elements are now considered mainstream.

As expected the EU General Data Protection Regulation (EU GDPR) came up in the keynote, and of course VMware are able to support the regulation by securing the data, automating governance and secure operations.

Gelsinger introduced VMware AppDefense and how it helps the security challenge able to capture, detect and respond.

VMware approach is looking at the security challenges of a business, without the business itself becoming a security expert.

I think it's a very exciting time for a security person to be looking at VMware, and I'm glad I was at VMworld Europe 2017 to see this for myself.

For those unable to attend, the General Session is available to watch here: (where I also got the screen grabs, as the photos didn't come out so well)