July 23, 2012 was a big day for VMware. It was the day the company, which up until then had been known mostly for bringing server virtualization to the enterprise, entered the networking market. By spending $1.26 billion to buy startup Nicira, VMware got something else too: Martin Casado, considered one of the forefathers of the software defined networking movement.
Fast forward to Feb. 24, 2016 and it was another big day for VMware. It was the day Casado left the company for a position at Venture capital firm Andreessen Horowitz. Thrust into the spotlight to replace Casado on the day of his amicable departure was Rajiv Ramaswami, a former vice president at Broadcom and Cisco who now leads VMware's networking and security business unit. This week at VMWorld in Las Vegas Ramaswami and VMware's network virtualization product, NSX, took center stage.
Casado's four years at VMware could be thought of as the incubation phase for NSX at VMware. It was a period of transition for the company, says Eric Hanselman, head analyst at the 451 Research Group. “(Casado) did good work in educating VMware employees, partners and executives in networking and the opportunity in software defined networking,” Hanselman says. During Casado’s tenure at VMware integrations were developed between NSX, which at its foundation is the Nicira product, and VMware's other core products.
As the new head of the NSX division since April, Ramaswami is now charged with executing the next phase of NSX growth both in terms of product development and sales. As more of VMware’s core server virtualization business is eroding as workloads move to the public cloud, the company is positioning NSX as a platform for managing and securing hybrid cloud computing. “NSX is their crown jewel,” said Greg Ferro, host of the networking podcast Packet Pushers. It’ll be Ramaswami’s job to sell that to enterprises.
NSX is more popular today than ever. There are 1,700 paying customers, growing 100% year-over-year; eight of VMware’s 10 largest deals in the second quarter included NSX. A slide at VMWorld of NSX customers included names such as Citibank, Columbia Sportswear and Johnson & Johnson. In January, VMware said NSX generated $600 million in revenue in 2015.
Ramaswmai says the targets for NSX are broken down into three categories:
-Security and microsegmentation: NSX gives customers the ability to create flexible security policies for what traffic is allowed on virtual networks created by the software. Whereas traditional security has relied on a “north-south” perimeter based approach, microsegmentation allows for east-west traffic inside a data center to be visualized and secured using virtual firewalls and other software-based security tools. About 40% of NSX sales are driven by the security and microsegmentation use case.
-IT Automation: Another 40% of NSX users are deploying the virtual networking overlay software primarily for the benefits of being able to more easily spin up and down virtual networks as needed. Whereas physical networks can take days or weeks to provision, virtual networks can be automatically provisioned using APIs. A key tenet of NSX is its ability to run atop any networking equipment, whether that be Cisco routers and switches or some combination of white box hardware.
-Application Continuity: About 20% of NSX sales are driven by using the platform for facilitating disaster recovery, backup, multi-data center pooling of resources and cross-cloud migration of applications across two or more environments that are running NSX.
During the keynotes at VMWorld NSX’s chief technology strategy officer Guido Appenzeller demonstrated a technical preview of functionality the company plans to add to NSX that would allow what he calls cross-cloud networking. The idea is that instead of NSX being deployed as a piece of on-premises licensed software, NSX would be available from major IaaS cloud vendors like Amazon Web Services, Microsoft Azure and Google Cloud Platform. Customers could run NSX in their own data centers and also in multiple public clouds. Doing so would let customers have the same overlay network topology in their on-premises data center and the public cloud, whether it be AWS, Azure or Google. Appenzeller says this process uses an agent-based approach.
Customers can encrypt data transferring between the cloud and on-prem, they can burst workloads to the cloud and across clouds, and they can get visibility into all network traffic happening across the hybrid environment.
VMware is evolving NSX in other ways too. There used to only be one NSX product that included all the software features. In the last year VMware created different tiers for purchasing NSX licenses: standard, advanced and enterprise, showing the evolving nature of the product and appealing it to different size enterprise environments (Standard starts at $1,995 while enterprise is $6,995). With the addition of cross-cloud functionality for NSX, it could soon be available as a SaaS, meaning customers could spin up and down instances of NSX as needed.
“Today we’re selling primarily into private clouds,” Ramaswami says, noting that the majority of NSX sales are deployed atop vSphere. Customers are able to run NSX on non-VMware hypervisors such as the open source KVM. Ebay, for example is a customer that has a large NSX deployment on non-ESXi (VMware’s hypervisor). “Our customers are going to be running workloads either on a VMware private cloud, a public cloud, they could be running in containers,” he said. “Regardless of where they’re running applications and workloads, we can secure those, provide visibility and we can automate those.”