VMware Inc. is stepping up its multicloud game today and intensifying its embrace of the Kubernetes orchestrator for software containers with a set of announcements at the VMWorld conference opening today.

Building on its large base of users of its hypervisor, the company is introducing VMware Cross-Cloud Services, a group of integrated services that let users build, run and secure applications across any cloud with a common set of commands. VMware said 75% of its customers currently use two or more public clouds, and 40% use three or more.

The new service enables customers to pick and choose the services and cloud platforms they want with a common platform for building and deploying cloud-native applications, cloudlike infrastructure for their own applications, cross-cloud performance management and a common set of security policies.

Other multicloud announcements being made today include a managed version of the company’s Tanzu application modernization toolkit, new cross-cloud features in Tanzu, a free community version of Tanzu, a product portfolio for managing applications at the edge, and new security features around the zero trust security architecture.

Tanzu party

Tanzu, which VMware has been expanding and heavily promoting since its announcement two years ago, undergird’s the vendor’s strategy for riding the wave of enthusiasm for Kubernetes. Customers can use Tanzu to build cloud-native applications as well as to modernize existing software. VMware said Tanzu services will be integrated into its VMware Cloud on Amazon Web Services Inc. infrastructure beginning in the third quarter of next year.

New capabilities being announced for Tanzu this week allow operators to create pre-approved paths to production for developers that integrate Kubernetes resources and existing toolchains, improve developer tooling to avoid degraded plug-ins, and upgraded security features that allow operators to specify how endpoints and credentials of data services are exposed to workloads in a portable way.

The new Tanzu Community Edition is a community-supported, open-source software distribution that can be installed and configured in minutes on a local workstation or cloud. “It’s the same open-source software that’s at the core of the commercial editions,” said Dormain Drewitz, product marketing and content strategy at VMware. “It’s about giving people that no-cost entry point to get started.”

In a related move, VMware is announcing a free tier of VMware Tanzu Mission Control, which is used for multicloud, multicluster Kubernetes management. Tanzu Mission Control Starter is available as a service and can be used to gain global visibility and policy control over both VMware and non-VMware Kubernetes clusters on-premises and in any public cloud.

VMworld will also serve as a launchpad for a host of other new and enhanced services in the areas of security, edge computing and multicloud management.

On the edge

VMware Edge is a product portfolio that will enable organizations to run, manage and secure applications that live at the edge of the network across multiple clouds and locations. Edge applications are typically located close to the points where data is created or used and where roundtrips to a central cloud are impractical.

VMware Edge Compute Stack is a combined virtual machine and container-based stack that enables organizations to modernize and secure edge-native applications at the so-called “far edge.” That typically describes devices that are in the field.

Available in standard, advanced and enterprise editions, the package combines software-defined wide-area network capabilities with zero trust network access and firewall capabilities. It’s also integrated with the ruggedized VxRail D Series of hyperconverged infrastructure from Dell EMC that it optimized for edge deployment.

Enhancements to VMware Cloud, the cloud-based version of the vendor’s on-premises infrastructure stack, include a new portfolio of managed Kubernetes services for application modernization, simpler and more secure deployment, and better support for sovereign clouds.

VMware Cloud will also be available on AWS’ on-premises Outposts infrastructure in the third quarter of next year. It will also be rolled out in a managed service configuration for on-premises deployment with built-in access to more than 200 native AWS services.

Enhancements to the vRealize cloud management suite enhancements deliver cloud-agnostic provisioning, proactive monitoring, capacity and cost optimization along with application-aware troubleshooting and full network visibility across all cloud environments, VMware said. A new adviser feature helps identify issues before they become major problems. A scale-out distributed architecture and a cloud-based  delivery model are also being deployed for better security and data protection.

Zero trust everywhere

In the security realm, VMware said it will make it easier for customers to provide consistent zero-trust security across endpoints, virtual machines and containers. It’s adding secure workload access for zero-trust environments inside clouds and data centers, elastic application security at the edge, VMware-branded disaster recovery, Carbon Black ransomware protection and visibility and security services it acquired with CloudHealth Technologies Inc.

VMware already processes more than 8.4 trillion security events a week and “has stopped more than 90 million ransomware attacks in the past 90 days,” said Tom Gillis, senior vice president and general manager of the vendor’s networking and advanced security business group.

VMware aims to “take the traditional data center firewall and turn it upside down,” Gillis said. Its approach will be to harden the workload itself and build Carbon Black services for lifecycle management, vulnerability management and endpoint protection “into vSphere so it’s brain-dead easy to deploy,” he said. The company has also developed technology to monitor the “east-west” traffic that moves between devices on a network and is a common vulnerability point for ransomware.

“We’ve built a whole new set of security capabilities into the application development lifecycle so we’re constantly checking the integrity of images and then at runtime we can wrap and harden the operating system,” Gillis said. “East-west controls for containers look at the inner workings and understand the hundreds or thousands of APIs that are in use.”

Additionally, the company said, its Tanzu Service Mesh Advanced edition now has enhanced visibility, discovery and security for application programming interfaces. Those APIs enable developers and security teams to get a better understanding of how APIs are communicating, even across multicloud environments.

Photo: Robert Hof/SiliconANGLE