VMware Touts NSX Software-Defined Networking As Linchpin For Enterprise Security, Hybrid Clouds

VMware spent $1.2 billion to acquire software-defined networking startup Nicira more than three years ago, and now it's pitching the technology -- known as NSX -- as a way to solve tough enterprise security and cloud computing challenges.

In an interview at VMware's VMworld conference last week, Dominick Delfino, vice president of worldwide systems engineering at VMware, said NSX provides a level of network security that firewalls and other traditional technologies can't match.

VMware calls this aspect of NSX "micro-segmentation," and it's all about preventing an attacker from moving laterally within a network after a breach. In several recent high-profile breaches, soft internal network security has enabled attackers to steal valuable intellectual property and customer data.

[Related: 19 Scenes That Show VMware's VMworld Conference Is Crazier Than Ever]

Sponsored post

Delfino said existing enterprise security technologies are costly and ineffective at stopping these sorts of disasters from happening.

"By and large, most people who have tried to apply traditional methodologies and technologies in their segmentation initiatives have failed miserably. They've driven up cost massively from a [capital expenditure] perspective," Delfino added.

VMware, Palo Alto, Calif., believes the never-ending drumbeat of security breaches could focus more attention on NSX. The vendor is also pitching NSX's security capabilities as a way for customers to use hybrid clouds that involve a mix of private and public cloud infrastructure.

In a demo at VMworld, Guido Appenzeller, chief technology strategy officer in VMware's Networking and Security business unit, showed how virtual machines can be spun up on the Amazon Web Services cloud as secure members of an on-premise NSX network.

The demo -- which featured 500 VMs spun up across three continents and seven data centers -- took less than five minutes and showed how NSX can be a key technology for hybrid cloud scenarios, said Bill Schell, president of August Schell, a Rockville, Md.-based VMware partner who attended the demo session at VMworld.

Moving application workloads to a public cloud is tricky because the associated data must be transferred outside a customer's private network. But Schell said NSX secures this data in a way that's not possible with traditional security technologies, and he thinks this could get his larger customers on board with hybrid cloud scenarios.

"NSX is the enabling technology that will finally permit our federal customers to leverage public cloud resources while maintaining data security," said Schell.

NSX is also part of VMware's "cross-cloud vMotion" technology, which allows running virtual machines to be moved from a private cloud to a public cloud. VMware executives gave a live demo in the VMworld keynote that showed a running VM being moved from a VMware private cloud to vCloud Air.

NSX makes it possible for VMs to maintain their networking and security profiles as they move in between clouds, and right now, only VMware offers this, according to Delfino.

"We're the only ones who figured out how to do that," Delfino told CRN. "It requires a technology that not only has a view out into the network, but also up into the host as well."

VMware hasn't provided insight into sales and customer growth for its public cloud, but it's perceived in the channel as an also-ran in a space dominated by AWS and Microsoft Azure. VMware is hoping that NSX will help move the needle.

Delfino, who joined VMware last year after 14 years at Cisco Systems, said one large VMware customer, which he wouldn't name, has been moving workloads back and forth between its private cloud and vCloud Air since January.

"They don't have to worry about any changes from a networking or security perspective," Delfino said. "I think this is very much a mainstream use case."