Broadcom Inc. today unveiled the latest version of VMware Cloud Foundation, calling it “the future” of the company’s private cloud platform.

Broadcom said the new release simplifies private cloud deployment, consumption and operations while delivering public cloud-like scale, security, resilience and performance. The new release being announced at the VMware Explore conference in Las Vegas features a self-service cloud portal for provisioning services and reduces the total number of management consoles from more than a dozen to just one. New integrated workflows simplify the transition between operations and automation tasks.

Broadcom cited an International Data Corp. study it sponsored that reported that VCF delivers an average of 34% lower infrastructure costs, a 42% lower overall cost-of-operation and a 564% three-year return on investment.

“Traditional legacy architecture is not working in terms of being able to bring governance, control and agility to a cloud because you’ve got different teams managing different environments,” said Paul Turner, vice president of products at the VCF division at Broadcom. “It’s taking a 40% additional server footprint to run existing environments. It’s costing you $2,307 more per workload.”

Expanded VCF Import reduces the complexity of manual migrations of existing environments into VCF and adds the ability to import VMware NSX, vDefend, Avi Load Balancer and more complex storage topologies.

“Customers don’t need to redeploy; they just need to configure VCF, point it at their existing environment, and get all of the capability for fleet management and delivery of an automation platform for their application users and developers,” Turner said. “We make sure everything is compliant with your spec and can be compared against standards that you need to implement as a governed organization.”

A new advanced memory tiering capability using nonvolatile memory extended to reduce latency and speed throughput, which is useful in artificial intelligence training and inferencing.

Simpler management

To simplify deployment and management, VCF 9 integrates multitenant capabilities that were previously provided separately by VMware Cloud Director. That enables information technology teams to support multiple organizations and development teams on the same shared infrastructure with segmentation for access, workload management, security and privacy.

“This means we can organize resources and allocate resources and rights and entitlements and policies based on different tenant groups,” Turner said. “This allows service providers to isolate their environment and IT organizations can do the same.”

Native virtual private cloud capabilities enable users to access self-service isolated connectivity without virtual local area network complexities for integration with existing networks. Native VPCs can be enhanced with services like vDefend and Avi Load Balancer.

Native security operations are centralized in a single information hub. Remote snapshot replication in vSAN storage maintains a deep history of immutable snapshots, reducing downtime with disaster recovery orchestration though a unified appliance.

VDefend has been expanded with distributed firewall rule impact analysis to help simplify micro-segmentation, distributed intrusion detection and prevention enhancements and support for large, dense and multi-instance VCF environments.

Security copilot

Project Cypress for vDefend is a new generative AI-driven co-pilot that security analysts can use to interact with vDefend through a natural language interface. Cyprus can provide detailed explanation with full context.

“Project Cyprus will help reduce false positives in a significant way,” said Umesh Mahajan, general manager of the advanced networking and security division at Broadcom. “Cyprus can provide detailed explanation with full context. For example, if there is command and control traffic in an attack that matches the crypto signature for ransomware, Cypress can guide the [security operations center ]analyst with remediation strategies to block threats and it can apply security policies IPS for real-time enforcement.”

Existing VCF 9 security configurations can now be imported into vDefend. Enhancements to vDefend’s analytic capabilities allow users to more quickly identify and eliminate rules that don’t improve security effectiveness. Dynamic policy analysis allows organizations to reduce their attack surface by weeding out overly permissive, ineffective and redundant rules.

VDefend now also has on-premises malware analysis capabilities. Enhancements to intrusion detection and prevention system feature capabilities provide consistent threat prevention across dense VCF deployments. The VMware hypervisor can act as a threat sensor to enable rapid east-west threat assessment.

A set of enhancement to the Avi Load Balancer are aimed at optimizing VCF and Kubernetes environments through integration with the Tanzu Application Service, a feature of the Tanzu cloud computing development platform. Broadcom said this reduces deployment times from weeks to minutes and improves application insights from layer 4 to layer 7. Kubernetes-based applications can be equipped with advanced traffic routing capabilities, including header-based matching, traffic weighting and canary deployments for CI/CD pipelines.

Avi supports VCF Import for VCF 9 and will soon get support for native VPC deployment, VCF multitenancy self-management on a per-tenant basis and multi-availability zone support for better resilience. Broadcom also plans to leverage GenAI to enable a co-pilot for application visibility to streamline day one and day two load balancing operations for VCF workloads.

Improved Tanzu automation

Version 10 of VMware Tanzu, a unified platform that helps organizations build, run and manage cloud-native applications, is getting standardized paths to production for developers and platform engineers. Developers can automate secure container builds, bind services to applications, deploy code with a single command and easily scale applications, Broadcom said. Tanzu 10 also automates application and platform management tasks such as patching vulnerabilities, performing rolling upgrades and enforcing policies.

Tanzu 10 provides a Cloud-Foundry-like developer experience for Kubernetes with an application-centric abstraction layer to allow applications to run with consistent operational governance and compliance. This allows developers to focus on applications without worrying about infrastructure details while receiving app-to-platform visibility across Cloud Foundry foundations or Kubernetes clusters across availability zones.

“Tanzu Platform 10 gives you that singular, simple developer experience, irrespective of the underlying platform, whether it’s Cloud Foundry or Kubernetes,” said Purnima Padmanabhan, general manager of Broadcom’s Tanau division. “It gives developers he power to build faster with accelerators and have better performance, more governance and better security.”

The new Tanzu provides a number of package services for VCF, including container operations and data services, to speed application delivery. New features include air-gapped environment support, global server load balancing, advanced networking using the Avi Load Balancer and hardened virtual machine and open source software images available through the Tanzu Application Catalog.

Built-in service binding connects applications to middleware and databases while automatically managing credentials and connection strings. Security enhancements in the Spring Framework support compliance audits, policy enforcement, and automated common vulnerability remediation.

Tanzu AI Solutions are a new set of capabilities that deliver generative artificial intelligence-powered applications at scale. Tanzu Platform’s built-in AI development framework enables developers to build Python applications without knowledge of the language.

Developers also get generative AI observability and monitoring to address accuracy and performance with root cause analysis for applications and large language models.

Photo: VMware