VMware is a global leader in cloud infrastructure and digital workspace technology. It offers various virtualization products including vSphere for server virtualization, NSX for network virtualization, and Horizon for desktop and application virtualization. VMware's virtualization software allows multiple operating systems to run on a single physical host. VMware vShield provides security advantages over traditional hardware-based security appliances by offering a single virtual appliance with comprehensive protection capabilities that is cost-effective, simple to use, and adaptive to virtualized environments.

1. © 2009 VMware Inc. All rights reserved
VMware Overview
By Alamgir Hossain
Email: alamgirgtc@outlook.com
M:+8801922688303
Working Experience with VMware vSphere 6.0 (ESXi & vCenter) & VMware Horizon 7 (For VDI):
Optical Data Archive and Networking (ODAN 2nd Phase) Project of BBS
R&D Project of VMware VDI (virtual desktop infrastructure)

2. © 2009 VMware Inc. All rights reserved
A global leader in cloud infrastructure & digital
workspace technology, accelerates digital
transformation for evolving IT environments.
VMware software based Virtualization which
run multiple Operating Systems over a single
physical host.

3. 3 Confidential
Agenda
 VMware Product Type
 Cloud Computing framework, Security & Services
 VMware Infrastructure Architecture (Server, Network & Storage)
 Virtualization – Key Security Enabler (Challenges, Advantage,
Automating & Complex)

4. 4 Confidential
VMware Product Type:
 Data Center and Cloud Infrastructure
 Desktop and Application Virtualization
 Personal Desktop
 Application and Data Platform
 Data Center and Cloud Management
 Internet of Things (IoT)

5. 5 Confidential
Product of Data Center and Cloud
Infrastructure:
 VMware vSphere: vSphere is a server virtualization
platform that delivers essential services for the modern
hybrid cloud such as ESXi & vCenter.
 VMware vSAN: VMware vSAN uses a software-
defined approach that creates shared storage for virtual
machines
 VMware NSX: The network virtualization platform that
enables the implementation of virtual networks on your
physical network and within virtual server infrastructure.

6. 6 Confidential
Desktop and Application Virtualization:
 VMware Horizon 7
 VMware Horizon Cloud
 VMware Workspace ONE UEM
 VMware vRealize Operations for Horizon and
Published Applications
 VMware ThinApp
 VMware App Volumes
 VMware User Environment Manager

7. 7 Confidential
Data Center and Cloud Management:
 VMware vRealize Automation
 VMware vRealize Operations
 VMware vRealize Log Insight
 VMware vRealize Code Stream
 VMware Site Recovery Manager
 VMware Integrated OpenStack
 VMware vRealize Business for Cloud

8. 8 Confidential
Application and Data Platform:
 Pivotal App Suite
 Pivotal TC Server
 Pivotal GemFire
 Pivotal RabbitMQ

9. 9 Confidential
Internet of Things (IoT):
 VMware Pulse IoT Center: A secure, enterprise-grade
IoT device management platform that improves the
reliability & security of your IoT infrastructure.

10. 10 Confidential
Personal Desktop:
 VMware Workstation Pro
 VMware Fusion
 VMware Fusion Pro
 VMware Workstation Player (formerly Player Pro)

11. 11 Confidential
VMware Cloud Services security framework:

12. 12 Confidential
VMware Cloud Security: Cloud, Hybrid or
on premise – security is our priority.
 Extensive security experience
 Built-in compliance
 Accelerate without compromise

13. 13 Confidential
VMware Cloud Security capabilities:
 Software security
 Data security
 Network security
 Identity and access management
 Vulnerability and patch management
 Operations management

14. 14 Confidential
VMware Transforms Security from Expensive to Cost Effective
Load balancer
firewall
VPN
Load balancer
Firewall
VPN
Etc… vShield
Virtual
Appliance
vShield eliminates the need for multiple special purpose
hardware appliances – 3-5x Savings Capex, Opex

15. 15 Confidential
Business Adoption of Server Virtualization Solutions by Company
Size:

16. 16 Confidential

17. 17 Confidential
VMware Infrastructure Architecture:

18. 18 Confidential
Physical Topology of the VMware Infrastructure Data Center:

19. 19 Confidential
vCenter Management Server Management of VM to Physical Servers:

20. 20 Confidential
Virtual Data Center Architecture:

21. 21 Confidential
VMware VMotion, VMware DRS and VMware HA:
VMware VMotion
VMware DRS VMware
HA

22. 22 Confidential
Networking Architecture:

23. 23 Confidential
Storage Architecture:

24. 24 Confidential
VMware VMotion, VMware DRS and VMware HA:
VMware VMotion
VMware DRS VMware
HA

25. 25 Confidential
VMware Infrastructure Access and Control:

26. 26 Confidential
• VLAN sprawl
• Gap between policy and
enforcement
• Manual re-implementation of
security policies
• Heightened risk exposures
• Limited control and visibility
• Organizational confusion (VI,
security, network)
• Hindered IT compliance
• Slow provisioning
• Heightened risk exposures
Security Challenges
Traditional Security
Expensive
• Specialized hardware
appliances
• Multiple point solutions
Rigid
• Policy directly tied to
implementation
• Not virtualization and change-
aware
Effect
Complex
• Spaghetti of different rules and
policies
• Security “rationing”
• Heightened risk exposures

27. 27 Confidential
The vShield Advantage: Increased Security
Traditional Security vShield
Cost Effective
• Single virtual appliance with
breadth of functionality
• Single framework for
comprehensive protection
Simple
• No sprawl in rules, VLANs, agents
• Relevant visibility for VI Admins,
network and security teams
• Simplified compliance
Adaptive
• Virtualization and change aware
• Program once, execute everywhere
• Rapid remediation
Expensive
• Specialized hardware
appliances
• Multiple point solutions
Rigid
• Policy directly tied to
implementation
• Not virtualization and change-
aware
Complex
• Spaghetti of different rules and
policies
Deployments on VMware are more secure than physical

28. 28 Confidential
Automating Operations Management across the Enterprise:

29. 29 Confidential
VMware Transforms Security from Complex…
VLAN’s
agent
Complex
• Policies, rules implementation - no clear separation of duties;
organizational confusion
• Many steps – configure network, firewall and vSphere
• Spaghetti of VLANs, Sprawl - Firewall rules, agents
Policies,
Rules
Network
admin
Security
admin
VI admin
Overlapping
Roles /
Responsibilities
Many steps.
Configure
•Network
•Firewall
•vSphere
Define, Implement ,
Monitor, Refine,
agent agent agent agent agent agent agent

30. 30 Confidential
VMware Turns Security from Rigid…
 BEFORE vShield
• Security groups tied to
physical servers
• “Air gaps”, i.e. physical
isolation, between security
groups
• VMs in a security group
cannot be vMotioned to other
hosts
DMZ PCI compliant
“Air gap”

31. 31 Confidential
… To Disruptively Simple
Few steps:
Configure
vShield
Simple
• Clear separation of duties
• Few steps – configure vShield
• Eliminate VLAN sprawl – vNIC firewalls
• Eliminate firewall rules, agents sprawl
Network
admin
Security
admin
VI admin
Clear separation
of Roles /
Responsibilities
Define, Monitor, Refine,
Implement

32. 32 Confidential
PCI CompliantDMZDMZDMZ PCI Compliant
….to Adaptive
 AFTER vShield
• Security groups becomes a
VM construct rather than
physical server construct
• Security groups enforced with
VM movement
• Mix VMs from different
groups on the same host

33. 33 Confidential
Why VMware vShield is a Security Enabler ?
1. Unique introspection
2. Policy abstraction
Cost Effective
• Single virtual appliance with breadth
of functionality
• Single framework for comprehensive
protection
Simple
• No sprawl in rules, VLANs, agents
• Relevant visibility for VI Admins,
network and security teams
• Simplified compliance
Adaptive
• Virtualization and change aware
• Program once, execute everywhere
• Rapid remediation

34. 34 Confidential
Security Enabler: Unique Introspection
Introspect detailed VM state and VM-to-VM
communications
vSphere + vShield
Processor
memory
Network
Benefits
• Comprehensive host and VM
protection
• Reduced configuration errors
• Quick problem identification
• Reduced complexity – no security
agents per VM required

35. 35 Confidential
Security Enabler: Policy Abstraction
Before
vShield
Policy tied to the
physical host;
lost during
vMotion
Policy tied to
logical
attributes
After
vShield
Benefits
• Create and enforce security
policies with live migration,
automated VM load balancing
and automated VM restart
• Rapid provisioning of security
policies
• Easier compliance with
continuous monitoring and
comprehensive logging
Separate the policy definition from the policy
implementation
Policy tied to
logical attributes;
follow virtual
machine

36. © 2009 VMware Inc. All rights reserved
Thank You..
By Alamgir Hossain
Email: alamgirgtc@outlook.com
M:+8801922688303
Working Experience with VMware vSphere 6.0 (ESXi & vCenter) & VMware Horizon 7 (For VDI):
Optical Data Archive and Networking (ODAN 2nd Phase) Project of BBS
R&D Project of VMware VDI (virtual desktop infrastructure)