VMware seems more intent on keeping existing customers happy with what disruptive innovation theory terms sustaining innovations, rather than breaking new ground that might stem the tide to AWS, Azure, Google, OpenStack and the SaaS products built on top of them. VMware is playing prevent defense, not wide open offense.
By doing so, it is turning into this era’s IBM — the safe, established incumbent that never cost an IT manager their job.
The operative word here is 'sustaining' versus disruptive innovations. It's not as if VMware isn't innovating, but that its efforts are focused on evolving from its existing base, not displacing on-premise virtualization infrastructure for radically new technologies or business models. Indeed, the company is on pace to spend more than $1.4 billion on R&D this year or about 21% of sales. By comparison, Microsoft spends about 14%, Alphabet (Google) about 16% and Apple less than 5% of earnings on R&D, so it's not like VMware is underinvesting in its future. However VMware is borrowing a time-honored strategy honed by previous tech hegemons — embrace and extend, namely the adaptation of new technologies to legacy infrastructure and IT management practices.
Three ascending technologies where VMware has been particularly active and innovative — in a non-disruptive way — are SDN, containers and OpenStack, with company execs highlighting developments in each area during VMworld keynote sessions. The unifying theme across its announcements is this: making technology safe for enterprise consumption without upending existing management processes, upsetting admin staff or jeopardizing multi-million dollar investments in on-premise hardware and VMware software.
Multi-cloud SDN, if you can afford it
NSX, the impressive SDN technology that is the outgrowth of VMware's $1.26 billion acquisition of startup Nicera in 2012, has been prominently featured at the past two VMworlds. However, with Nicira co-founder Martin Casado leaving the company to become a general partner at premier VC Andreessen Horowitz and a dearth of significant news, the spotlight wasn't as bright this year. Instead, the emphasis was on SDN customer adoption and integration with public clouds.
The company trotted out several customers that have made NSX the cornerstone of their network upgrades, with each touting the product's inherent programmability, adaptability to various network designs and compatibility with existing VMware management software. Whether a multinational enterprise like Citibank or a regional bank like Washington Federal, NSX users at VMworld cite two major benefits: the ability to automate deployment of typically complex network configurations for virtualized applications and to improve security by creating granular, application-specific network segments with tailored access controls for each application that are enforced by a virtual firewall.
None of this is new. In fact, the security argument for NSX was a centerpiece of Casado's keynote last year, which made a case for network microsegmentation using virtual network overlays like NSX that lie at the intersection of physical and virtual infrastructure — a concept he termed the Goldilocks zone. This year, the emphasis is on product execution and adoption, and here VMware provided the latest example of Mark Twain's famous maxim on statistics.
Although the company never missed a chance to tout 100% NSX sales growth, the reality is that almost three years after the product was made generally available, only 3.4 out of every 1,000 VMware customers, 1,700 total, use NSX. Granted eight of VMware’s 10 largest deals last quarter included NSX, but that's because the product remains so hideously expensive at $2,000-7,000 per CPU socket, i.e. more expensive than the CPU itself, that only the most deep-pocketed IT organizations can afford it.
The most intriguing NSX news at VMworld was an update on technology allowing NSX to run on AWS. In describing VMware's Cross-Cloud architecture, chief strategy officer Guido Appenzeller gave a demo in which a common policy and provisioning engine were used to deploy, manage, monitor and secure virtual networks that span on-premise and public cloud infrastructure. Unfortunately, the heavily scripted presentation (it was actually a video, not a live demo) was merely a "tech preview" and not an announced product with a set release date. Indeed, the same demonstration was made last year, then called Project SkyScraper. Apparently, the construction team got stuck since this skyscraper appears to be taking as long to build as Freedom Tower.
NSX has powerful features that can enhance security, traffic visibility and use of higher-level functions on public cloud networks such as AWS, particularly when using VPCs. Indeed, these benefits are so significant that it's inconceivable that Amazon, Google and Microsoft will cede the market to VMware as bolt-on service — they're sure to add comparable virtual network functions and automation features to their service portfolios over the coming years. For example, AWS VPC already provides a virtual router and firewall that can enforce security policies by both network segment and user group.
Containers and OpenStack
One of the noteworthy items at last year's VMworld was the company's bifurcated strategy towards containers, with two different implementations, respectively targeting traditional IT and cloud-native developers. The former, vSphere Integrated Containers (VIC), was the focus this year since it fits with the overall theme of introducing cloud technology in a way that doesn't disrupt existing VMware infrastructure. Instead of wrapping containers in a VM host, VIC cleverly merges a Docker container image and very lightweight OS kernel into a VM that runs directly on the ESIx hypervisor as a bare metal instance.
The hybridization of VMs and containers allows VMware administrators to treat individual containers as just another VM while allowing developers to work with standard Docker images and toolchain. To that end, VMware also introduced two new features, a management portal for VIC containers (think something like Docker Shipyard) and a container registry based on the Docker Registry with added features including user management and access control, policy-based image replication, audit and logs and a RESTful API.
Since VIC is built on vSphere, managing hundreds or thousands of containers in a cluster isn't done with a cloud-native cluster manager like Swarm or Kubernetes, but using vRealize Automation Suite, which the company would love to upsell to existing VMware customers — which is the point. VMware would prefer to keep container users on its platform rather than see them migrate to a radically new stack optimized for container clusters.
Also highlighted this year were improvements to VMware Integrated OpenStack (VIO), the company's attempt to hybridize traditional virtualization infrastructure with a cloud-native stack. Again, this is a way of introducing a cloud-native software stack on a legacy enterprise virtualization system. The VMware news was support for the latest OpenStack release (Mitaka), software optimization that gets the VIO overhead down to two VMs and the ability to import existing vSphere VMs into OpenStack, allowing legacy applications to be exposed and managed via OpenStack APIs.
VMworld shows a company that is innovating in ways that extend its dominant virtualization platform with cloud-native technologies without requiring wholesale retooling of existing infrastructure nor retraining IT staff. As I mentioned last week, this is a rational, profit-maximizing business strategy for the short term. However it risks widening the gap between legacy IT and associated infrastructure and public cloud services.
Should developers and business users see the technology, agility, speed and cost differences as being too considerable and start bypassing IT en masse, going straight to the cloud, VMware and legacy IT become increasingly irrelevant. By catering to the VMworld masses, VMware keeps everyone happy, but apathy and denial in the face of change and disruption is a prescription for disaster and seldom has IT seen a force so full of disruptive potential as public cloud technology.