vSphere 8 and vSAN 8

The major announcement in San Francisco at VMware Explore US was vSphere 8 IA (Initial Availability) and some of the game-changing features to unlock the value of GPU (Graphics Processing Unit) and DPU (Data Processing Unit) hardware.

First off, the eagle-eyed amongst you may have noticed the vSphere 8 release tagged as IA . This new iteration replaces the previous GA (General Availability) in the sense that it has been through all the previous quality controls and is production ready.

With perpetual and on-premises software, VMware has found that many customers will wait for the first service pack or update, before installing software on their production infrastructure. As the industry shifts to subscription and Software-as-a-Service (SaaS), operational processes change as rolling feature updates are received. To reflect this, VMware has introduced IA allowing for a period of wide scale adoption and feedback, before certifying a build to be GA. This period of adoption and feedback from the field is typically expected to be 4-6 weeks, but can be anywhere from 2 weeks to 2 months, and is designed to give customers more confidence and stability.

At VMware Explore Europe in Barcelona, following 4 weeks and 18,000 deployments with no major issues or escalations, VMware announced vSphere 8 GA. Some of the great new functionality includes:

• Introduction of vSphere Distributed Services Engine (Project Monterey)
• DPU offload for network, storage, and management services to improve performance
• Enhanced Kubernetes run-time with TKG (Tanzu Kubernetes Grid) 2.0 and 2.1
• VMware Cloud Console integration of vSphere 8 Admin Services (Project Arctic)

The cloud capabilities delivered through the VMware Cloud integration include triage of alerts and events, global inventory view, anywhere VM provisioning, detection of configuration drift, and automated one-click updates of vCenter instances. You can read more in the VMware Project Arctic Graduates to vSphere+ overview.

Of course baked in to vSphere 8, comes vSAN 8. There are improvements to compression algorithms and native snapshot integration, but the big news is the new ESA (Express Storage Architecture).

With NVMe-based devices offering significantly greater performance than SAS/SATA, and prices steadily declining, the stage is set for NVMe to become the dominant storage technology in the coming years. The optional next-generation Express Storage Architecture provides a single tier pool of independent NVMe devices:

Cloud and Edge Infrastructure Announcements

On stage during the general session key note, VMware CEO Raghu Raghuram announced the latest initiatives and partnerships to the VMware private cloud portfolio.

First was HPE Greenlake for VMware. HPE Greenlake provides a pay-as-you-go cloud consumption model for HPE hardware; now fully integrated with VMware Cloud to include the VMware enterprise software overlay. More flexibility around payment and commitment terms for customers.

Next was VMware Cloud on Equinix Metal; combining VMware-managed and supported cloud Infrastructure-as-a-Service, with Equinix automated bare metal and connectivity. This service will help extend cloud environments into distributed and metropolitan locations with consistent infrastructure and operations, for business-critical performance at the edge. Equinix are a major connectivity hub for many regions, with private, low-latency connectivity to private and public clouds, and access to thousands of IT and network providers through the Equinix Fabric Interconnection.

Later, William Lam introduced a plethora of VMware Sovereign Cloud product innovations and ecosystem services. Earlier in the year VMware released a framework of guiding principles and best practices to help partners deliver cloud services that adhere to data sovereignty requirements of a specific jurisdiction. This framework and reference architecture is about complete control, beyond individual areas like data residency. You can find out more on VMware Sovereign Cloud in the VMware Sovereign Cloud Overview.

Several developer ready services were announced for the VMware Sovereign Cloud solution at Explore Europe; such as sovereign Kubernetes clusters with multi-tenant Tanzu Standard, and support for air-gapped Tanzu Application Platform and Tanzu Mission Control deployments. Meanwhile Tanzu Application Catalog can now provide a sovereign application pipeline.

The partner ecosystem also gained a significant upgrad. Key Management as-a-Service is now available with Fortanix, and data protection and Ransomware Defense as-a-Service through Veeam and Cloudian. Various data services, lakehouses, and compliance solutions were also added. You can see the full list here!

At VMware Explore US in particular, there were some pretty cool additions to the VMware Cloud on AWS feature-set:

• New i4i instance type with 128 virtual cores (w/HT, Intel Xeon Ice Lake), 1024 GB RAM, 30 TB SSD, and 75 Gb network
• New independently-scalable storage options with VMware Cloud Flex Storage and Amazon FSx for NetApp ONTAPP
• Technical preview of VMware Cloud Flex Compute to help start small and/or easily scale up

VMware Cloud Disaster Recovery (VCDR) was upgraded with purpose-built Ransomware Recovery-as-a-Service (now GA). On top of the existing functionality, Ransomware Recovery will:

• Identify recovery point candidates with dedicated ransomware recovery workflow and guided deep snapshot history, such as change rate and risk of infection vs data loss
• Validate recovery points with NGAV (Next-Gen Anti-Virus) and behavioural analysis
• Prevent reinfection at recovery with on-demand IRE (Isolated Recovery Environment) and VM network isolation

There was good news for multi-cloud resilience fans, with technical preview of Site Recovery pairings between VMware Cloud on AWS and Azure VMware Solution. Let’s look at what else was revealed for Azure VMware Solution:

• Azure VMware Solution is now part of VMware Cloud Universal providing more financial flexibility, savings, and buying options
• Log Insight Cloud for Azure VMware Solution is now available for log analysis, audit, and monitoring integration
• Support for Azure Arc now extends Azure governance and management into vSphere
• New independently-scalable storage with Azure NetApp Files
• Improved internet connectivity options with simple AVS managed SNAT gateway, and Azure Public IP to NSX Edge support

Next, at the enterprise edge VMware announced Edge Compute Stack 2.0. The Edge Compute Stack provides an integrated edge platform delivering real-time intelligence. Building on last years v1.0 release, v2.0 adds GPU passthrough support for AI & ML (Artificial Intelligence & Machine Learning), vendor-agnostic AIOps, and a smaller cluster size to run efficiently on smaller off-the-shelf hardware. The Edge Compute Stack has vSphere, vSAN, TKG, and SDWAN/SASE all built-in.

At VMware Explore US Project Northstar made its debut in tech preview. This is a really exciting new project promising to deliver SaaS-based multi-cloud networking and security services to the masses. We’ve already seen how projects like Arctic and Monterey have become fully fledged features or products after their announcement. The immediate benefits that jump out from Project Northstar are scalable lateral security, flexible consumption, and faster time to value. Let’s drill down further:

• Policy as-a-Service – manage networking and security policies centrally for all clouds, with a single touch point and consistent controls and policies across sites and regions
• NSX Intelligence as-a-Service – enhance security planning and visibility with NSX Intelligence offering real-time visualisation, recommendations, and insights on threats and behavioral anomalies
• NDR as-a-Service – scalable threat detection and response with Network Detection and Response (NDR); analyses IDPS (Intrusion Detection and Prevention System), malware, and anomalies for a single , simplified SOC monitoring process aligned to the MITRE ATT&CK framework
• Advanced Load Balancing – (ALB) cloud hosted controllers that can be used standalone or in conjunction with other Project Northstar SaaS services
• Workload Mobility – workload mobility as a service with fully managed workload migration and secure connectivity across multiple sites

To support these initiatives, at VMware Explore Europe HCX+ was announced to provide central management, automation, orchestration, and observability for workload migration, repatriation, and rebalancing initiatives across clouds. Deeper insights and a unified dashboard for licensing, threat telemetry, and proactive support were also added to VMware NSX Advanced Load Balancer’s PULSE Cloud Service.

Finally, at Explore Europe VMware unveiled Carbon Black XDR to extend VMware’s visibility and detection to VMware Carbon Black Enterprise EDR. The new XDR solution enhances lateral security using telemetry from VMware Contexa, which records and processes over 1.5 trillion endpoint events and over 10 billion network flows each day, along with strategically captured data through technology partnerships.

Cloud Management Announcements

Throughout VMware Explore US and Explore Europe, VMware announced the next chapter in their multi-cloud management story; introducing VMware Aria, a unified management solution for cloud native applications and multi-cloud.

VMware had previously been developing cloud management products under the vRealize banner. Whilst these are great products they offer individual perspectives to different personas and teams. As IT moves away from traditional silos and more towards Cloud Center of Excellence (CCOE) models, a unified end-to-end service is required. With the addition of CloudHealth and Tanzu Observability also providing FinOps and DevOps capabilities for cloud management, VMware has taken the opportunity to launch not only a single portfolio, but a new centralised single platform.

VMware Aria is absolutely not just a rebranding of the vRealize Suite, and here’s why:

• VMware Aria Graph provides a near-real time single source of truth for all operations and events, with unified GraphQL API for developers and operations
• VMware Aria Hub provides centralised views, relationships, and controls for managing the entire multi-cloud environment from a single interface, powered by Aria Graph

The word ‘aria’ actually means a single voice above all others, and summarises perfectly the value of the new Aria Hub and Aria Graph. What’s more, at VMware Explore Europe a free tier of VMware Aria Hub powered by VMware Aria Graph was announced. The new free tier will allow you to understand the relationships of your resources and policies for up to 2 native public cloud accounts (currently from either AWS or Azure).

We now have end-to-end management across clouds, and as well as ongoing innovation within each of the product sets, VMware are also announcing new end-to-end overarching solutions for multi-cloud:

• VMware Aria Guardrails – enforcement automation for networking, security, cost, performance, and configuration across clouds
• VMware Aria Migration – assessment, planning, and execution automation for the multi-cloud migration journey
• VMware Aria Business Insights – full-stack event correlation with AI & ML analytics to present relevant business insights across clouds

In terms of features, we heard about Tanzu Mission Control integration with Aria Automation (formerly vRealize Automation), and a new application dashboard for Aria Operations for Networks (formerly vRealize Network Insight).

Aria Operations Cloud (formerly vRealize Operations Cloud) now supports synthetic monitoring to track the performance and availability of public facing applications. At Explore Europe, Aria Operations 8.10 was announced. The latest release will include a no-code management pack builder, to expand operations anywhere that has a Rest API. Capabilities for public cloud monitoring, using Telegraf agent, and basic actions for AWS, Azure, and GCP virtual machines were also added, as well as support for Raw Device Mappings (RDM).

Log analysis hasn’t always been the most exciting of topics, but there were some big announcements for Aria Operations for Logs (formerly vRealize Log Insight) at Explore Europe. The first was Log Root Cause Analysis (RCA), which will save hours on log forensics. Log RCA will take a specified date and time, and use Machine Learning (ML) to sift through potentially millions of logs, before presenting back outliers relavant to a breakage or major issue. A confidence score is provided and the operator can dig deeper into the individual events. Log Compare will allow simultaneous queries to be run side-by-side. There were also content packs released for Azure VMware Solution (AVS) and Oracle Cloud VMware Solution (OCVS).

Modern Apps Announcements

The latest updates to Tanzu Kubernetes Grid (TKG) were announced at Explore US (v2.0) and Explore Europe (v2.1). TKG 2.x introduces a new unified API (ClusterClass) for declarative state deployment, scale, and lifecycle management. ClusterClass support for the supervisor cluster was brought in with TKG 2.0, followed by management cluster support in TKG 2.1.

Also announced was TKG 2.1 support for Oracle Cloud Infrastructure (OCI), complementing existing AWS, Azure, and vSphere integrations.

Tanzu Mission Control will support private and air-gapped deployments, allowing consistent control of all Kubernetes clusters for customers who must operate on-premises and in air-gapped environments. Furthermore, Tanzu Mission Control will also support Amazon Elastic Kubernetes Service (EKS) cluster lifecycle management.

Tanzu Mission Control will also streamline the installation of trusted, upstream open source software packages with Bitnami Application Catalog integration. Speaking of Bitnami, the Bitnami engine was used to develop the VMware Image Builder. At VMware Explore Europe, it was announced that VMware Image Builder is now in beta!

Tanzu Application Platform (TAP) 1.3 has brought in Red Hat OpenShift support, and Jenkins CI/CD integration. TAP 1.3 air-gap support was added for disconnected and highly regulated environments, as well as secure software supply chain enhancements and supported vulnerability scanners. You can read the full list of announcements in Tanzu Application Platform Updates.

Finally, enhancements were made to Tanzu Service Mesh Advanced, allowing operators to automatically discover Kubernetes clusters across multiple clouds, and onboard them for secure connectivity.

Anywhere Workspace Announcements

The big news in the SASE (Secure Access Service Edge) space was the new SD-WAN client to provide consistent connectivity, performance, and security capabilities to remote and mobile workers. The SD-WAN client will enable zero trust security, integrated AIOps for end-user experience visibility, Dynamic Multipath Optimisation for fast and reliable connections, and access to a worldwide network of SASE Points of Presence (PoPs) for multi-cloud access. SDWAN and SASE continue to grow this global connectivity by also adding new PoPs and delivering VMware Private Mobile Network.

At VMware Explore US and Europe, VMware presented a strategic north star vision of autonomous workspaces – self-configuring, self-healing, self-securing – as the future of hybrid work. To support this vision, product enhancements were made across virtual apps and desktops, anywhere workspace, security, and digital employee experience. Let’s take a look:

• New next-gen Horizon Cloud thin-edge architecture reduces infrastructure costs and increases scalability, the API-driven console also extends automation and integration capabilities
• At Explore Europe VMware announced that existing Horizon 8 on-premises environments will be able to connect to the Horizon Cloud control plane for consistent management
• Horizon Published Apps on Demand pairs App Volumes with generic RDSH host servers in real time
• At Explore Europe VMware announced Horizon Cloud support for Windows 365 Cloud PCs

• VMware Digital Employee Experience (DEX) has been expanded with Digital Employee Experience Management or DEEM support for unmanaged or third-party managed devices
• Furthermore, DEEM has been extended to Horizon and improved for frontline workforces, the highly anticipated Guided Root Cause Analysis and Remediation has also been made available
• The workflow and automation capabilities of Freestyle Orchestrator have been extended out to mobile devices (Explore US), and to 3rd-party app integration (Explore Europe)
• The Workspace ONE Cloud Marketplace will simplify service adoption and integration
• Workspace ONE multi-user support has been added to support app, profile, and workflow variants for shared devices
• Workspace ONE Mobile Threat Defense protects against a range of app, device, and network threats – at Explore Europe VMware announced the beta version of integrated phishing and content protection

Many of the sessions from both Explore US and Explore Europe are available to replay online in the VMware Explore Video Library. With the ongoing energy crisis in Europe, don’t miss VMware CTO Kit Colbert discussing how we co-innovate to accelerate energy transformation.

Phew.. that’s it for another year! A huge congratulations to all the Customer Achievement Award Winners, including in the UK The Royal Orthopaedic Hospital NHS Foundation Trust, and to Lloyds Banking Group for taking to the main stage during the general session!