A Flexible Backbone: Designing a Computing Infrastructure for Speed, Security, and Innovation

Pressured by the successes of digital challengers – startups and nimble smaller organizations that are unburdened by legacy technology infrastructures – established enterprises are rethinking their business models, processes, and supporting IT solutions.

To adapt more readily to dynamic market conditions, businesses need technology that is simpler, less complex, and more flexible. At the core of this new approach is a focus on enterprise software applications.

Most organizations have hundreds of applications, and some use thousands. That seems like a huge management challenge, and yet the complexity continues to grow. In fact, the number of applications we build and roll out in the next five years is expected to be greater than the volume we’ve deployed in the last 40 years.

In the past, applications conformed to the available infrastructure. Companies designed their networks, administrators racked up the servers, and developers wrote code to those specifications. Everyone knew how to run, manage, and secure those types of networks.

Today, that certainty is gone. The current explosion of applications is largely based on cloud technologies built on containers and microservices. They are designed to meet new and changing business requirements, but they don’t necessarily conform to any particular infrastructure. As a result, all of the principles, guidelines, and processes need to change.

This is where software intelligence and context-aware IT infrastructures can help. Building context awareness and intelligence into the infrastructure can drive powerful new efficiencies that help organizations work more productively, maximize the advantages of all of their applications, and protect their networks.

Rising Application Complexity

Many companies are hurriedly migrating to the cloud. One retailer anticipated huge volumes of bursty traffic from its Web site during the year-end holidays. Rather than building new on-premise infrastructure, the company planned to relieve some of the pressure by moving certain applications and workloads to the cloud.

Because the retailer didn’t consider the context of the entire sales application universe, things started to go wrong. Customers began to make Web inquiries, but the now cloud-based application lacked connectivity with the supply chain applications. Requests couldn’t consider order backlogs.

The retailer needed to consider the context of how sales processes affected other parts of the business, such as supply chain and enterprise resource planning. Without the right interactions with related back-end processes, the cloud-based application couldn’t efficiently handle the order volume. In hybrid environments, enterprises must leverage context and intelligence to create efficient processes.

There’s one more significant issue. Companies with hybrid infrastructures are experiencing unprecedented levels of security breaches. Often companies try to apply the same security framework to hybrid environments that they used for their client-server infrastructures. Unfortunately, these security approaches cannot scale effectively in hybrid environments.

Yet the explosion of applications is creating huge volumes of data–in some cases, billions of data signals each day. It’s impossible for organizations to manually sort through so many signals, so they begin to filter them. Often filtering is insufficient to identify and isolate real threats.

Instead, enterprises need to create security intrinsically, deploying a security posture across applications and data that scales in native cloud environments. By assessing behavioral patterns in the application context, the enterprise can apply intelligence to threat response–helping companies reduce attacks by 90 percent or more.

Application Abstraction for Cloud Deployments

VMware has been tackling the challenges of data center infrastructure complexity for 20 years. As an early virtualization leader, we abstracted compute hardware and fabrics. Now we are guiding companies through new challenges in their application landscape.

Often our clients deploy cloud-based enterprise applications that fit their business needs, almost with- out regard for where the software executes. As a result, most companies run an average of four to five clouds, including hyperscalers such as Amazon AWS, Google Cloud Platform, and Microsoft Azure. This creates infrastructure-wide management and maintenance issues. More of the enterprise data resides outside of the data center, creating worries about how it can be secured. And employees want to access all of these applications, often from their own devices – requiring companies to support a wide variety of end points and mobile platforms.

By building cloud-based applications in this environment, many companies commit themselves to certain infra- structure choices. Imagine that a developer chooses a particular application programming interface (API) and uses it to quickly write an application. The solution is up and running quickly, which is great. But that API might only run on Google Cloud Platform or AWS.

To address this, VMware developed the same kind of abstraction layer for application development that we created two decades ago for hardware and data centers. By abstracting the build and run component of these modern applications, our technology allows enterprises to pick a onetime run platform and run the application in the data center, on the public cloud, or in a hybrid environment.

The virtualization technology, which is part of the VMware Tanzu portfolio of products, allows companies to build new cloud-native applications, modernize existing software, manage cloud-native applications and microservices, and operate infrastructure that serves all of the applications across any cloud.

Role-based access allows administrators to view the infrastructure, set up storage, create networks, and assign resources. DevOps team members can define workspaces, name spaces, and application clusters. The tool brings administrators and developers together so they can work efficiently and in pursuit of the same goals.

Application developers benefit from accelerated work- flows because the technology provides a consistent dashboard, exposes the right APIs, and offers useful tool sets. The technology also offers an automated blueprint to developers and reuses valuable code from a catalog of custom-developed software and cloud-native services.

Data center administrators gain value from technology, such as a lifecycle manager that automates the processing of operating system and application patches. Using machine learning, the solution tracks all levels of patches and deploys them automatically. Back-end intelligence helps the data center become largely self-driven–freeing administrators for more valuable work.

To bring the solution to market, we partnered with all of the main cloud vendors–including key hyperscalers and 4,000 service providers–to create a consistent infrastructure and operation platform that scales across all clouds. Partners run the VMware stack within their data centers. Our stack virtualizes and automates all of the networking and storage, not just compute resources, allowing us to provide intelligent, context-aware infrastructure as a service.

One client, a larger insurance company, used this new technology to migrate 300 applications from its internal data center to a public cloud. Originally the company estimated three months of labor for each application migration, or 900 labor-months at a cost of approximately US$1 million per application. Using VMware solutions, the company migrated all 300 applications in just a few months–and at less than five percent of the original budget.

Intrinsic Security

Virtualized technologies can also improve a company’s infrastructure security. Three years ago, VMware identified a problem that’s common to many enterprises: we had more than 100 security tools and they could not scale. With each new threat, it seemed we deployed an additional product. No one wanted to remove any of these tools, for fear that it might expose us to a security breach.

Using our own technology to create intrinsic security, we were able to reduce our collection of 100 security tools to just a dozen in two years. By building security into the key control points–such as networks, end points, identities, access, and users–we converted breach-sensitive areas into points of control. If those applications and data move to different clouds or become decomposed into container microservices for modern applications, we can still retain that security posture.

The security solutions understand the intent of an application and know when its operational state is positive. Using network intelligence to assess patterns, we can look for behavioral changes from the ideal state and respond to those–instead of chasing potentially bad behaviors. Because all of the security tools communicate, we can see unwanted network activity and block it. In addition, the solution can automatically remediate problem areas. By abstracting, automating, and unifying our security posture, the technology delivers security built on intelligence and context awareness.

User Experience Benefits

End users get a uniform workflow experience, no matter which device or operating system they choose. Single sign-on and a wide selection of productivity tools allow employees to work smarter, thanks to contextualized workflows that make it easy for applications to share information. At VMware, integration between our meeting, scheduling, and navigation software helps me move quickly and efficiently from one meeting room to another on our 100-acre campus.

The technology has also helped me streamline employee approvals for members of my team. Intelligent workflows consolidate all of my approvals and let me approve or decline a request from one location. Together, these intelligent applications reduce complexity and save me about one day of every workweek. That’s value that no enterprise wants to live without.


About Horizons by SAP

Horizons by SAP is a future-focused journal where forward thinkers in the global tech ecosystem share perspectives on how technologies and business trends will impact SAP customers in the future. The 2020 issue of Horizons by SAP focuses on Context-Aware IT, with contributors from SAP, Microsoft, Verizon, Mozilla, and more. To learn and read more, visit www.sap.com/horizons.

Read more SAP by Horizons stories on the SAP News Center.


Muneyb Minhazuddin is vice president of Solutions and Product Marketing at VMware Inc.