Pioneering the Virtual Cloud Network:
VMware’s vision for the Virtual Cloud Network (VCN) aims to simplify complex heterogeneous computing environments by providing a single layer of infrastructure defined in software. NSX Data Center, the pioneer in software-defined networking, forms the foundation of this vision. NSX has expanded to public clouds (Amazon, Azure) and bare metal clouds, with Hybrid Connect enabling seamless workload movement across clouds. NSX-SD-WAN extends software-defined networking to the branch, driving substantial success. AppDefense provides deeper insights into application behavior, aligning network and infrastructure needs.

Key Milestones and Achievements:
VMware’s switch ports surpassed the entire industry’s shipment of physical switch ports, making it the most widely deployed switch globally. Over a million firewalls deployed, surpassing competitors in software-defined networking by a factor of 10. Collaboration with Intel resulted in a 500% throughput improvement using hardware acceleration. NSX has garnered 7,500 customers, including 82% of the Fortune 100, demonstrating its industry leadership.

Three Major Announcements:
NSX Everywhere: Progress in extending NSX across various platforms. Advances in Container Networking: Integration of NSX into containers. Adaptive Microsegmentation: A new technology that enhances network security.

Pillars of the Virtual Cloud Network Vision:
End-to-End Fabric: A software-defined, highly automated fabric with intrinsic security, spanning from mainframes to cloud-native applications. Simplicity and Consistency: Consistent policy enforcement across all infrastructure components, providing simplicity amidst complexity. Progress in Driving NSX Everywhere: Extension of NSX to native Amazon EC2 instances, VMware stack on Amazon cloud (VMC), and Azure. Integration into SD-WAN (VeloCloud) for improved branch networking. Integration into physical switches through partnership with Arista.

Background:
Arista achieved the milestone of becoming an S&P 500 company, reflecting its growing prominence in the industry. Enterprises increasingly seek the same scalability, automation, and efficiency benefits that cloud companies obtain from cloud networks.

Arista’s Solution:
Arista’s leaf-spine architecture and automation capabilities, proven successful in cloud environments, are equally applicable to enterprise networks. Legacy architectures hinder the adoption of this paradigm, requiring software and automation to deliver a one-click experience.

NSX and Arista Partnership:
Collaboration between VMware and Arista resulted in an open framework for policy integration between NSX and Arista switches. NSX security policies can be learned and downloaded as access lists into Arista switches, avoiding separate silos for security management.

Benefits of Integrated Security:
Single plane of policy administration eliminates discrepancies in security controls across different platforms. Security is initiated at the virtual workload level with NSX, providing protection within the application.

Open Environment:
The framework for policy integration is open and extensible, allowing other partners to join and contribute to an open environment for automation. The approach accommodates heterogeneous environments, enabling integration with different switching architectures and technologies.

Proprietary Approach:
Both companies emphasize the importance of avoiding a proprietary approach, relying on partnerships and open APIs to complement their strengths. VMware’s expertise lies in software virtualization, while Arista focuses on fabric management. This partnership enables customers to select the right tools for specific tasks, combining the strengths of both companies for optimal results.

Automation drives transformation: VMware’s vision involves automating time-consuming tasks that used to take 45 days to as little as 0.45 seconds to provide a one-click experience similar to public cloud. Simplifying complexity: VMware aims to simplify the complexities of programming firewall rules by creating an intuitive on-button experience. Streamlining deployment: NSX provides one-click deployment by integrating with container environments, offering support for Kubernetes, Red Hat, Pivotal, and Cloud Foundry. Connecting diverse platforms: VMware’s goal is to offer a consistent layer of infrastructure that seamlessly connects various platforms, enabling customers to choose their preferred platform without compromising connectivity. Demonstration of end-to-end connectivity: The demonstration showcases how NSX can establish end-to-end network connectivity across various components, including a brick-and-mortar site, an e-commerce front end, and a data center with database and mainframe components. Automating physical infrastructure integration: NSX collaborates with Arista Cloud Vision to automate the setup of Access Control Lists (ACLs) in the physical infrastructure, enabling rules to be applied with just a click of a button. Container networking integration: NSX offers seamless integration with containers, allowing developers to add container-based components to their applications and easily manage the networking aspect through the NSX dashboard. Centralized management and visibility: NSX provides a centralized dashboard for managing and monitoring all networking components, including virtual and containerized environments.

Full NSX Overview:
This segment aims to showcase the end-to-end network capabilities achieved using NSX technology. It begins by presenting the developer’s perspective, illustrating how NSX integrates with Kubernetes through YAML files, sets up security workgroups and virtual networks, and enables tracing of app-to-app communication within and across tiers.

Public Cloud Integration:
The demo proceeds to demonstrate the integration of NSX with the public cloud, including both Amazon and Azure. It allows the seamless extension of the on-premise network and security policies to cloud-hosted resources, simplifying network management across different platforms.

Branch Office Connectivity:
The demonstration then focuses on branch office connectivity, leveraging VeloCloud technology. It showcases the rapid provisioning and activation of a branch office network, enabling non-technical personnel to easily set up and manage the branch infrastructure.

Network Performance Optimization:
The demo highlights the real-time monitoring of network performance in the branch office, tracking metrics like packet loss, jitter, latency, and bandwidth. It demonstrates how the network performance optimizations provided by VMware VeloCloud enhance the quality of experience for applications running in the branch.

Quality of Experience:
The demo addresses the optimization of video applications within the store, considering the impact on customer experience. It demonstrates how the store manager can prioritize traffic to ensure that critical applications receive the necessary bandwidth for optimal performance.

Store Optimization:
The demo emphasizes the identification of resource-intensive applications, allowing the store manager to identify and prioritize applications that impact the overall network performance. By deprioritizing non-essential applications, the store can allocate more resources to critical business applications.

Conclusion:
The demonstration concludes by highlighting the power of NSX in providing an end-to-end network solution that seamlessly integrates on-premise, public cloud, and branch office networks. It showcases the ability of NSX to enhance network security, simplify management, and optimize application performance across the entire network infrastructure.

End-to-End Connectivity and Automation:
Transforms the concept of end-to-end connectivity across heterogeneous enterprises. Automation enhances efficiency, reducing months-long processes to minutes.

Intrinsic Security:
Goes beyond traditional security measures by rethinking the approach. Leverages the hypervisor’s unique visibility into data center elements for protection.

Drawbacks of Agent-Based Security:
Agents are difficult to manage and susceptible to agent bloat. Once an attacker gains root access, agents become ineffective due to limitations.

The Hypervisor as Super Root:
The hypervisor’s superior position allows for effective monitoring and enforcement. It prevents unauthorized modifications to production servers, ensuring integrity.

Known Good and Known Bad Lists:
VMware’s security approach focuses on the known good and known bad. It emphasizes enforcing common sense rules and preventing specific actions.

vSphere Platinum and Machine Learning:
vSphere Platinum integrates app defense technology, offering enhanced security features. Machine learning benefits from a larger population, enabling better pattern recognition. Detection of anomalies, such as root shells on web servers, is made possible.

AppDefense Overview:
AppDefense aims to revolutionize security by safeguarding systems against unauthorized modifications and protecting the known good. AppDefense leverages deep visibility into applications to prevent attackers from establishing a foothold and moving laterally.

Micro-Segmentation:
Micro-segmentation allows for the dynamic creation of firewall policies based on application understanding and infrastructure insights. It automatically adjusts rules to accommodate changes in application scaling or service movements.

Initial Attack Walkthrough:
A simulated attack on a three-tier application highlights the ease with which attackers can compromise systems. The attack involved exploiting vulnerabilities, dropping shells, and taking control of the database server.

AppDefense Defense Demonstration:
AppDefense automatically generates firewall policies based on application topology and behavior. The system locks down both compute and network resources, preventing the attacker from installing malicious software or stealing data. AppDefense effectively blocks live ransomware attacks, demonstrating its ability to protect against real-world threats.

Conclusion:
AppDefense and micro-segmentation represent a shift in security approach, focusing on protecting the known good rather than relying solely on identifying known threats. AppDefense offers a powerful and effective solution for organizations seeking to improve their security posture and mitigate the risk of attacks.

AppDefense-Enabled Alarm System:
AppDefense proactively monitors and alerts on suspicious activities, providing a detailed history of attack steps, including Petya installation attempts and PowerShell script executions. Alerts can be cleared for a cleaner interface and focused monitoring.

Policy Simplification:
The e-commerce site’s security policies are simplified when mapped visually. Policies can be easily adjusted by switching between alert and block modes for various processes, communications, and OS components. NSX and vSphere are utilized for automation, ensuring efficient enforcement.

Network Lockdown Effectiveness:
Locking down both compute and network prevents malicious activities, such as reverse TCP connections, from succeeding. The combined lockdown strategy is particularly effective for securing components that are difficult to firewall, like domain controllers, due to their extensive communication requirements.

Adaptive Security through Automation:
AppDefense integrates with various provisioning and automation systems, including Puppet, Ansible, Maven, and Jenkins. Automated processes remain synchronized with security measures, ensuring consistent protection during application changes.

Automatic Detection of Anomalous Network Behavior:
A machine learning model autonomously detected anomalous behavior in a Windows server’s communication patterns, specifically LSAS communicating over port 389.

Anomalous Behavior Classification:
The machine learning model, trained on extensive data from Goodware, identified the observed behavior as normal based on similar patterns observed in numerous other instances.

Declassification and Manifest Update:
Based on the machine learning model’s assessment, the system declassified the anomalous behavior as normal, updating the application manifest to reflect this change.

Automated Firewall Rule Update:
The system automatically updated the firewall rules in NSX to allow the newly identified normal behavior, ensuring seamless communication without human intervention.

Integration of Application Understanding and Automation:
The presentation highlighted the synergy between understanding application composition and automating security responses based on machine learning insights.

Efficiency and Security Convergence:
The speaker emphasized the concept of efficiency and security coexisting, showcasing how automated security measures can enhance security without compromising operational efficiency.

Introduction:
Tom Gillis presented the capabilities of NSX and its integration into various platforms. He emphasized the availability of these products and shared customer experiences with Brian Gillespie from Cerner and David Matthews from Sky.

Cerner’s Cloud Journey:
* Brian Gillespie, Senior Director at Cerner, highlighted their focus on the Cloud Center of Excellence.
* Their team manages governance, compliance, security, infrastructure, and operations to support DevOps teams.
* They aim to provide guardrails for self-service environments, enabling developers to innovate quickly while adhering to best practices and security controls.

Sky’s Transformation:
* David Matthews, from Sky, Europe’s largest media company, discussed their journey to align infrastructure with business requirements.
* Their goal is to empower developers to deliver new products and services rapidly in a competitive market.
* David emphasized the importance of meeting deadlines and ensuring reliable broadcast streams for live TV.

Addressing Complexity:
* Brian Gillespie highlighted the challenge of managing multiple clouds and the need for a unified platform.
* NSX provides a fundamental platform for implementing security and operational controls across various infrastructures.
* David Matthews shared that his team actively engages with security to provide tools and self-service capabilities that promote compliance and security without requiring users to consciously think about it.

Containerization:
* David Matthews spoke about Sky’s focus on containerization and rapid application development.
* The team’s early involvement with NSX-T for containers has been successful due to its support for various platforms, including vSphere, OpenStack, and bare metal.

An Overview of NSX:
NSX offers a comprehensive solution for managing and securing virtualized environments through a single fabric. It is available across multiple platforms, including public clouds, containers, and bare metal, providing consistent policy management. Integration with Kubernetes and Arista switches further expands NSX capabilities.

Migrating Legacy Applications to VMC:
VMC presented a suitable target for migrating legacy applications from a legacy data center due to its seamless integration with VMware platforms. The ability to migrate without rewriting applications for cloud-native environments made VMC an attractive option.

Building a Cohesive Infrastructure:
NSX aims to stitch together heterogeneous infrastructure components, creating a unified fabric for efficient policy management. The use of NSX in various environments, from core to cloud to edge, ensures consistent networking and security policies.

Key Takeaways:
NSX provides a comprehensive solution for heterogeneous environments, enabling consistent policy management across clouds, containers, and physical infrastructure. The integration of AppDefense with NSX and vSphere Platinum automates adaptive micro-segmentation, enhancing security. VMware will host a breakout session on security, showcasing AppDefense and its integration with vSphere. Sanjay’s session on SD-WAN provides insights into another widely sought-after solution. A raffle will be held, granting one lucky attendee a dinner with Tom Gillis and a golden ticket experience. 100 attendees will receive free VMUG and Coursera courses as part of the event.