Broadcom’s VMware Acquisition: Driving the Enterprise Need for Rapid and Secure Cloud Adoption

Over the past few months, my discussions with CTOs often begin with their challenges around Operational and Cyber Resilience but quickly move to the challenge of their imminent VMware transition.

For years, many enterprises had established a simple, flexible and relatively cost effective home for their commodity and legacy computing requirements without resorting to cloud migration projects through the use of VMware vSphere virtualized compute clusters. This was particularly true for non-cloud native architecture applications where cloud economics didn’t really deliver significant benefits.. 

Since Broadcom’s acquisition of VMware in November 2023, it has become apparent that the economics associated with this commodity computing solution (and, indeed, the research and development resources assigned to support this technology) are about to change rapidly. This includes the cessation of perpetual license offerings and bundling of formerly disaggregated service offerings (in particular where it comes to storage).

Further, this move has resulted in widespread reconsideration of enterprise compute strategies and a focus on migration of older architecture systems and applications into public cloud ‘infrastructure as a service’ tenancies. This is true even within organizations previously focused only on ‘re-architect’ and ‘refactor’ strategies for cloud adoption.

And this creates an urgent problem.

The Risks of Exposing Pre-Cloud Applications to the Cloud

Exposing legacy systems and pre-cloud native application architectures formerly hidden within firewalled datacenters to public cloud environments carries risk in several ways. In addition, the safe migration of poorly understood systems and their complex interdependencies adds additional operational and cyber risk to organizations at a time where regulators are demanding improvements to their resilience. 

These risks include:

1. Attack surface exposure related to less well maintained systems and their software dependencies.
    
2. Migration of poorly understood systems and their interdependencies is fraught with risk of application breakage and impact to important business services.
    
3. Transplantation of legacy system risk (already recognized as a substantial challenge to operational resilience) into public cloud environments.
    
4. Speed of migration versus scale of planning required.
    

Addressing the Risks through Automated Mapping

We believe that these challenges can be addressed with accurate mapping and risk assessment powered by the automated capabilities of vArmour Relationship Cloud. 

Specifically, the Decision Intelligence platform within Relationship Cloud enables you to achieve the following:

1. Gain an immediate understanding of your applications within the legacy VMware environment. This includes their dependencies and behaviors without the need to install any agents. This information is derived from hypervisor or network native flow logs and does not require any modification to your systems.
    
2. Reduce attack surface. Profile the communication dependencies of all systems within the environment in order to enable you to plan zero trust style network policies for protection within public cloud tenancies.
    
3. Plan migrations with ground truth information about interdependencies between systems, applications, and critical infrastructure systems. This will allow organizations to consider systems that need to move in enclaves, continuing communications needs, and avoid disruption to your important business services.
    
4. Ability to protect legacy systems appropriately as they move to public environments.
    
5. Immediate identification of legacy systems which can be retired. This avoids additional cloud costs and attack surface.
    
6. Identification of toxic combinations (for example, dependency of critical services on non-production or legacy assets) and severe risks prior to migration of systems.
    
7. Acceleration of migration and testing of policies against ground truth knowledge of system behavior.
    

In common with Operational and Cyber Resilience programs, cloud migrations benefit immensely from ground truth knowledge of applications in order to de-risk and accelerate implementation. vArmour Relationship Cloud delivers that ground truth knowledge.

You can learn more about vArmour’s cloud migration benefits here.

About Marc Woolward:

Marc Woolward is CTO and CISO at vArmour. He has spent his career working to architect and operate mission critical architectures within the financial services industry and now many of our customers across all sectors of critical national infrastructure. Through his career, Marc has worked to address resilience requirements within critical infrastructure across networking, cloud, SaaS, middleware, voice communications, and enterprise architecture. Outside of work, Marc is a professional surf kayaker, 6-time national champion, and currently ranked World number 7.