VMware Strategy for Intrinsic Security and Zero Trust

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] hello everybody sanjay poonen here ceo of vmware in addition to my job as running the front office revenue of the company sort of my night job has been driving the strategy of security of the company it's been a delight to talk to csos uh in the last few years has been ramping up that security strategy and i set myself a personal goal this year to try and talk to a thousand chief information security officers uh and before covet pit i thought i'd go to big conferences like rsa or black hat and meet a few hundred at a time and then ironically as covert hit i found it easier to do 25 30 minute calls where i'm both listening and sharing with them this roadmap that i thought to also unveil with you and the feedback's been spectacular in fact probably best encapsulated by this analyst article which is vmware is one of those best-kept secrets in it as it relates to security and an imminent leader in this space which we're very very excited about we today have over 20 000 customers and over a billion dollars in revenue not even probably a little known fact and it comes because we've had a focus in transforming everything vmware does is intended to be disruptively innovative we look at an industry and we think it's broken too many tools too many agents too many alerts too many consoles that you've got to integrate together a lot of labor involved in piecing this together it's almost like going to a doctor to ask her how to stay healthy and she says you've got to have 5 000 tablets you can't eat that many tablets if you're popping them one every 30 seconds it'll take you weeks so instead what do you do you make it part of your diet and so to speak you make it intrinsic and that same analog applies to security we want to move away from a bolted on siloed threat centric view to something that's a lot more built in a unified and focused on context absent data this is sort of like making that health part of your diet and having your proteins your vegetables your fruit your water and that's what vendors like us need to do in making security intrinsic to the infrastructure so you've seen this from vmware sort of our michelangelo painting or sculpture so to speak that we've unveiled a few years ago and i predict will be with us for years to come because we're chipping away at any cloud any application any device vmware's relevance to this infrastructure and the cloud layer we've become that de facto standard not just for the vm in vmware 70 million vms but increasingly that path to the cloud we had aws azure or google in the middle layer we've now become the leader in enterprise containers built on kubernetes with a significant investment there in our platform called tanzu in the top layer workspace one what was formerly acquired from airwatch six years ago has become now the leader in endpoint management and experiences and virtual desktops across apple devices ios or mac google devices chromebooks or microsoft devices windows 10. and we began to then layer security into that context where whether it's network security endpoint security you could break up endpoint into both a client-side endpoint and a workload identity cloud or analytics we felt there was a tremendous proposition from vmware to get closer to building infrastructure into the security layers where those 70 million virtual machines and now 80 million virtual switches or tens of millions of workspace one endpoints had security a lot more baked in now what does it do it makes each of those teams whether it's the infosec team that's handling uh the endpoint of the workload whether it's a network security team that's handling everything from data center networking to firewalls to load balancers and sd-wan or the end-user services team that's laying out devices laptop tablets and phones or the cloud security team that's building in that devops notion all of these and the products that vmware work in these areas for example nsx for network security carbon black for endpoint and workload security workspace one for all of the management experience of devices or cloud health all of these need to be best of breed and tied together vmware is the only company now that's got this entire portfolio where we're working a lot of it ourselves but also partnering effectively with many many companies let's go a little bit deeper into each of these areas and i want to start with the networking security area this is important we've been showing this chart from almost the get-go of our adventure into networking eight years ago we've been laboring at the space which is we're fundamentally sort of like the tesla of networking taking a very hardware defined labor-oriented picture and through software transforming it just the same way the value of a tesla is that incredible software updates and we can lower the cost of labor significantly because hardware defined architectures are prone to errors hard to debug and not ready for the cloud you reduce your spend on hardware because you prolong the life of hardware you certainly spend more on software and you reduce dramatically the cost of labor it's sort of like in labor it's like having a spell check that does the work for you it's the same way in terms of the automated aspects of what network security and policy management can bring to you in this architecture we've picked up four or five areas of network security and gone deep over the last seven or eight years this is not the last few months we've been working on this for years we started off in the data center networking area as an overlay on top of traditional hardware networks and now thousands of customers are using that we then advanced our customers assets to advance into more security capabilities in the firewall area we built ids ips micro segmentation all internal firewalls were finding customers getting rid of their legacy firewall architectures and going with vmware for nsx firewalls then we acquired a company two years ago named avi networks that's one of the next gen players in load balancing and customer says that's what we want because it's ready for the cloud it's software defined and now nsx load balancer integrated into that is a beautiful piece so all of what you see on the left hand side here is what's ready for the data center to modernize what's typically three or four different legacy hardware architectures appliance driven and the core proposition is making this software centric cloud first and intrinsically secure but then on the right hand side we began to see the advent of the branch office becoming just as important as the corporate office even well before covet we began to invest in that area and about three years ago we acquired a company velocloud that has now become the top right leader in the sd-wan magic quadrant from gartner and we become now a place where many customers in retail banking healthcare are doing with some incredible stories including during covet expanding some of the surge of their hospitals into uh you know rooms in in in the parking lot and in garages where extra beds existed we are serving customers an incredible way as the leader in this industry now this doesn't stop with just a branch enter this time of the pandemic and we are now not just the leader in many of these segments with 17 000 customers the only industry complete solution here that's software defined cloud-centric and security oriented but we've now advanced this in a new way that you'll see coming from us in what the analyst calls secure access service edge with the pandemic you don't want to be somewhere for example in peru backhauling through the data center into the cloud applications like office 365 what if we could bring all of these services to you where sd-wan and secure access through the kind of client access of vmware workspace one and network nsx firewall capabilities in the cloud and secure web gateways all of the web security capabilities like kasbi could be in one place in the cloud you could go directly to the cloud and subvert a lot of that extra work that is something that's game changing from the standpoint of a secure access service edge architecture so that's network security now let's get to endpoint security and what we're doing there again is disruptive to traditional players because of a fundamental equation see the previous architecture was built with a thick client that was signature based av and a client server architecture that architecture is old because what ends up happening is you end up having to install agent after agent after agent for all of the functionality that you need in a full endpoint security suite we saw that with workspace one where we were managing many of those endpoints laptop tablets and phones and customers said to us why don't you add security capabilities like antivirus endpoint detection and then we don't need to deal with all these multiple tools and agents that just weigh down the laptop and actually don't even do workload server security very well so that's why we bought carbon black a year ago and the first thing we did when we acquired carbon black was we poured a ton of r d and we said create that sort of legacy functionality but in the cloud and we've become now one of the leading security cloud players just like you have sales force that's innovating over siebel or workday that's innovating over peoplesoft you now have the carbon black cloud as a leading security cloud with a range of functionality that already exists today or is coming very soon in the next few weeks and months for a full endpoint protection security suite some of these are often separate companies i don't need to name them automatic remediation is a company vulnerability management's another company and the problem is each of those companies have their own agents our view is a thin sensor that's the architecture of carbon black with all the action in the cloud we will still maintain the on-premise products of carbon black but the future is this cloud architecture and on the bottom side are all of the platforms they're running the client side vmware is the best at doing heterogeneity so you should expect from us windows mac and linux the cloud site we have all these big cloud partners who partnered with us so you should expect from us aws azure and google and being able to natively secure but then for vmware workloads whether it's vms or containers we could do something extremely special and here's what it is number one you will see coming out around vmworld time carbon black agentless inside vsphere never been done before that's a that's incredible because now that we have the source code and the team of carbon black we can go deep inside vsphere that's a game changer now workspace one manages those laptops or tablets or phones why not add security and make the deployment experience unified of workspace one and carbon black you're gonna see that coming out from us in the next several months workspace one and carbon black together we call that workspace security now that we have network detection from our acquisition recently of last line and carbon black why not bring together ndr and edr which i'll talk about and much much more then we took this to the ecosystem for example the laptop vendors and said you need to make workspace security the combination of workspace one carbon black something that you put on the box almost at factory time and make it your default solution dell was the first to respond they were working with other partners in the past they've now anointed vmware workspace security the combination of workspace one and carbon black as their preferred solution and we're seeing all the other ecosystem now embrace vmware in this space now where is this headed it's to completely again like the network space to lower that cost of ownership where this mountain of harass of all these different point tools okay they're all decent on their own but add weight on the laptop could be reduced to a clean solution that is unified for management and security workspace security the combination of workspace and comply whereas this headed to create not just edr and ndr but this notion of what the analysts now call xdr where security analytics from all of these points of telemetry okay maybe it is the end point where you've got carbon black agents and workspace one kind of unified or it's the backend server agents which are connected to vsphere agentless there cloud foundation which has all of those nsx telemetry tanzu container telemetry which by the way we're doing some incredible stuff with carbon black and containers that will also show up soon based on acquisition we did of octarine that'll be part of the carbon black platform in due course so this incredible security analytics is very similar in the medical industry to the way in which you know drug research and so on is gone if you think about the possible cures for big diseases whether it's vaccines or maybe in the future alzheimer's or cancer it's because you run tremendous amount of ai software on all of this dna and a variety of the data and ultimately you solve some disease security is much the same way we run our ai and behavioral analytics we have some incredible threat research teams that have been growing and growing we run our ai algorithms on about one trillion events that we collect per day and out of that comes potential ways by which we can stop breaches even better network endpoint let's talk about cloud cloud security is very important because as you invest for example in aws or azure or google we began to hear from our cios and csos two problems number one they were spending more than they expected in the cloud because it's sort of like leaving the lights on a light doesn't turn off and you realize oh my gosh i'm spending more network costs than i needed to and one of those clouds so cloudhealth is a company we acquired has now 7 000 customers that optimizes the ways in which you can get the best out of those clouds and managing cost and security so for example you might be doing on-demand pricing with amazon and you should be using reserve instances it can tell you that similarly in the security area we found there was a breach that happened for example a financial services company that basically a malicious user took advantage of the configuration settings in one of the public clouds and was able to exfiltrate data about personal information and credit card information about consumers not a good thing how do we protect from that secure state a module of cloudhealth can now track all of these vulnerabilities the anomalies the threats and it has a database where it can correlate these risks give you real time visibility and context on top of all of the activity happening on aws azure and google a beautiful module that everyone in the cloud world will need for cloud security so both management and security some companies only do the security posture management but can't manage the cost we do both really really well now i wanted to cover a couple of partner solutions that are very important because vmware doesn't expect to do all of them data security when you're looking at cyber recovery our partner dell has a wonderful solution with an air gap capability for data vaulting which could be there through a dedicated private access you might have all of your uh you know traditional backup but then you've got something that's very specialized with security traditional backup solutions are challenged at doing this uh the data security solution from dell really takes that cyber recovery ball to the next level and you can certainly hear more from them and we have a number of other places what we've also done during this time of work from home or work from anywhere is picked a couple of our solutions and really tune them up into a holistic solution work from anywhere they are three components workspace one remember that thing that manages or provides virtual desktops like vdi carbon black and we've really done a lot of integration for example between vdi and carbon black we've optimized it better than anybody else and then also much of what i described between the workspace one and carbon black agents that's beautiful and then nsx for example velocloud is that faster accelerate from the home including the secure access server-side solution for a full cloud security suite you put these three a tri-factor of workspace one and carbon black and nsx in that use case we've certified it produced validated designs it's ready to go this is the industry's only solution for the best of breed uh work from home solutions and then we've gone and optimized it with the unified communications players zoom did the best work with them or teams or webex and also some of the specialized software vendors like for example epic in the medical records so you see us partnering very heavily and it's not just vmware working in many of these areas for example an identity we've chosen to partner with companies like octa who are the best at identity and directory systems and we can integrate seamlessly with them you're seeing vmware and email security companies like proofpoint have embraced the partnership with us so you're going to see vmware becoming not just hopefully a leader in many of the segments i described network endpoint cloud and security analytics but also creating an ecosystem of the best players uh partnering with us and this is what we are focused on the vmware portfolio will be best of breed in these areas workspace one endpoint management nsx in networking and network security carbon black and endpoint and workload security and cloud health in that management security proposition for the cloud so thank you very much i look forward to talking to many of you cesos i'll probably see you in a zoom call as i discuss this with you but this is what i have been talking uh in my dialogue with customers receiving great feedback from them and you're going to see vmware continue to innovate innovate if there's two things that drive vmware let me end of this note product innovation to have the best product in all those areas that we are committed to okay and we're very careful about which products and areas we work on and which one we don't work on and customer obsession these are the two engines that fuel the plane called vmware product innovation that's hopefully better than anybody else and customer obsession thank you very much be safe and keep well you
Info
Channel: VMware
Views: 10,354
Rating: 4.891892 out of 5
Keywords: vmware
Id: U3314EMF-dE
Channel Id: undefined
Length: 17min 36sec (1056 seconds)
Published: Thu Sep 10 2020
Related Videos
How VMware IT Deployed and Adopted Carbon Black Cloud
VMware
2.5K
VMware Blockchain for Financial Services Customers
VMware
2.3K
VMworld 2018 Europe Day 2 General Session
VMware
4.5K
5 Leadership Lessons from My Personal Journey – Sanjay Poonen
VMware
26K
Defining the Software Defined Data Center
VMware
28K
VMware Rock Stars: Sanjay Poonen
VMware
11K
VMworld 2019 US Day 1 General Session
VMware
25K
VMware vSphere: Networking - Standard Virtual Switch
VMware
173K
VMware Story – By Sanjay Poonen
VMware
41K
New Quarterly Series: VMware Multi-Cloud Briefing
VMware
2.1K
VMware PEX 2014 Keynote by Sanjay Poonen - Work at the Speed of Life in a Mobile Cloud Era
VMware
13K
The Software-Defined Data Center
VMware
85K
Sanjay Poonen at 2nd US India Conference, Haas School of Business, UC Berkeley, Sept 8, 2017
VMware
5.3K
VMware vSphere: Storage - Thick & Thin Provisioning
VMware
137K
vForum Online Keynote with Pat Gelsinger
VMware
1.7K
VMware’s Unique Architecture for Application Modernization and Multi-Cloud Use
VMware
986
VMware Cloud on AWS - Overview
VMware
28K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.