Behind the technical jargon of VMware’s ad can be found a simple truth: DPU has the potential to be a game-changer for VMware when it comes to network security.
“There’s an isolation angle to this, and it’s the firewall we’re putting everywhere,” said Tom Gillis (pictured), senior vice president and general manager of VMware’s Networking and Advanced Security Business Group. “We put it in every little piece of the server, and when it’s running on one of those DPUs, it’s in a different memory space. It puts an air hole in the server itself so that if the server gets hacked, it won’t get into the network. Really powerful.”
Gillis spoke with CUBE industry analysts John Furrier and Dave Vellante at VMware Explore, during an exclusive broadcast on CUBE, SiliconANGLE Media’s live broadcasting studio. They discussed the details surrounding the announcement of VMware’s NSX platform and the drive to fundamentally change security. (*Disclosure below.)
Focus on the traffic between east and west
VMware’s SmartNIC solution provides greater visibility of East-West traffic, and information traffic laterally across the network. This is an essential element of security because major intrusions are designed by malicious actors to provide a malicious level of access to the database.
“We’re very focused on lateral security or east-west movement of the attacker, because, frankly, that’s the name of the game these days,” Gillis said. “How do we make it difficult for them to navigate the infrastructure and access really valuable assets? If they run code on your machine, they might find some interesting stuff, but they won’t find 250 million credit cards.”
The latest security improvements focus on securing applications from within. With DPU, VMware now has the ability to secure both the virtual machine and container-based applications, according to Gillis.
“For virtual machines, we do it with a hypervisor, with NSX, and we see it all in the inner workings,” he said. “In the container world, we have a service network that allows us to look at every little snippet of code and how they talk to each other. Anomalies appear like a sore thumb, and with our unique focus on infrastructure, we can see every one of these little transactions and understand the conversation. We see The internal plumbing of the application and thus we can protect the application.”
Gillis joined VMware in 2018, at a time when Pat Gelsinger was still the company’s CEO. Gelsinger has since left to lead Intel, but Gillis still remembers the guidance given by the VMware CEO when he joined the platform.
When I started at VMware four years ago, Pat sat in his office and said, ‘Tom, I feel like we’ve basically changed servers, we’ve basically changed storage, we’ve basically changed networking, but the final piece of the puzzle is security,’ Gillis remembers. to change it drastically.” “The stakes are incredibly high. Just look at the impact of these security attacks. Companies are being removed.”
Here’s the full video interview, part of SiliconANGLE and theCUBE’s coverage of VMware Explore:
(*Disclosure: This portion of the CUBE was sponsored by VMware. Neither VMware nor other sponsors have editorial control over the content on the CUBE or SiliconANGLE.)