“Virtualization’s true promise is as a tool for mobility and availability,” Steve Herrod said in an interview in the Cube and webcast over SiliconAngle.TV from VMworld 2011 (full video below).
“We’ve done a pretty good job with compute and storage in making things mobile in the sense of being available wherever I need them. Now with VXLAN we’re bringing that same innovation around virtualization right into the core network.” This, he told Wikibon Co-founder David Vellante and SiliconAngle Founder John Furrier, will be a focus area for the coming year.
Another very important area that needs development, he admitted, is security. vShield has created a framework, and the security industry – in particular Semantic, McAfee, and RSA – are developing products to add to that architecture, and a lot is going to happen in the next year. And security is part of everything VMware does, he said. For instance vSphere 5 is a smaller product because “the smaller the target the more secure it is.”
“VMware is by necessity changing how security works,” Herrod said. Physical security is based on putting “bumps in the wire” such as firewalls at the boundary between the public and private network. But a virtualized environment has by its nature no places to put these border guardians. “So vShield is about recognizing a more mobile world.”
Instead virtualized security needs to be intelligent. It should recognize each application and understand what security it needs in detail. Then the security system can provide a customized security shield for each application. In theory this will be more secure than the physical security of the past. “When you are trying to create a firewall to protect a lot of things you end up doing a sort of lowest-common-denominator security. But with virtualization the security can be aware of that application and provide the tightest customized security possible to meet that application’s needs.”
Looking out over the coming year, he said the emphasis will be on performance, availability, and security. He promised that a lot of products would be coming out over the next 12 months. “The concept is any application, any data, on any device. We want to create the switchboard operator in the middle, and next year you will see that in shipping form.”