After three consecutive months attending 75 customer meetings throughout the U.S., Europe and Asia, I came away
with plenty of frequent flyer miles and, more importantly, tons of insight to share with you.

What I learned from customers is that VMware NSX is truly a game-changer. And as we exit the second quarter, the list of customers excited about NSX is only getting bigger. We recently announced that we have grown from more than 150 VMware NSX customers a year ago, to more than 700 customers today. These customers are setting the stage for others to follow. They are providing best practices that we are feeding back to others, and giving us valuable insight into challenges they encounter along the way.

So as I promised, I’ve pulled together highlights from these meetings and condensed them into three key themes that emerged.  For you IT pros out there reading this, let me know if any of this sounds familiar.

1. The story remains the same

For years, IT has been complaining that it takes minutes to spin up applications, and weeks or months to provision the network and its associated services to support the application.  As one network architect at a major U.S. retailer explained to me, “Our team has always been viewed as the biggest obstacle to the company’s cloud initiative. Nobody had sympathy our networking team’s lack of API’s, platform-dependent operating systems, discrete functionalities and poor security controls.”

VMware NSX customers like this have reduced network and security provisioning to minutes, and done so without the need to rip and replace an entire network infrastructure. This is providing investment protection to customers’ network infrastructures. Now with VMware NSX deployed, our retail customer’s team has been able to shake their bad rap. It has given them a modern programmable abstraction layer to innovate and automate the dynamic instantiation and provisioning of networks and associated network services.

Consistently I heard from existing customers and prospects that VMware NSX could empower them to compete with Shadow IT. Our customers are beginning to focus more on upper layer organizational initiatives that will drive their business forward and make IT more relevant to the organizations’ business initiative vs. fighting the mundane day-to-day battles just to keep the lights on.

2. The IT org transformation remains a top challenge

I’m constantly reading about how it’s the organization – not the technology – that will prevent widespread adoption of network virtualization. And yet it has presented the biggest opportunity for our NSX customers. I witnessed firsthand how several of the IT pros with whom I met began broadening their skill sets across traditional infrastructure domains, and are now learning about adjacent technology within infrastructure. I spoke with a few networking guys who acknowledged that understanding the attributes of programmability of infrastructure significantly benefits their career development, as it puts them more on the skill set level of an Infrastructure or Enterprise Architect.

Our customers have all told me this has been not only one of the biggest hurdles, but the most rewarding one to overcome, as it has breathed new life into their staff and propelled the organization into the cloud era.  Yes, you still need deep domain expertise in each infrastructure discipline; the need for that will not go away. However the customers advancing the furthest and the fastest are seeing their staff members up-level their skill sets at the same time. Infrastructure is designed and operated by people, and if your people have not embarked on this journey to transform themselves, how can they transform your infrastructure? If they are stuck in “protect the legacy approach” mode your infrastructure will follow suit.

3. There’s much more to micro-segmentation

We all hear about how security is a Boardroom level issue these days. In general, the customers I met with reaffirmed for me that the majority of their current security spend addresses less than 30 percent of their attack surface.

Here’s how one healthcare customer framed the problem: They have segmented the network as much as possible using traditional networking tools (VLANs), creating an explosion of firewall rules and rule sets that are completely unmanageable. They are hitting the upper limit of rules on firewalls, and the combination of co-mingled and distributed policies have created an operational nightmare for them. This convoluted environment is one of the key contributors to their inability to provision network services quickly, and also makes operations exponentially more complex.

This is a recurring theme and the issue has left enterprises in a massive quagmire:

  • If they try to implement proper segmentation using traditional tools, the mechanisms from both a network and firewall perspective create a scenario that is both financially and operationally impossible.
  • This has become a massive network architecture problem that is leaving almost all customer environments highly vulnerable to hackers.

Proper segmentation (micro-segmentation) substantially reduces the attack surface of a data center. VMware and its security ecosystem provide massive innovation via our micro-segmentation strategy and architecture to solve this problem. My colleague wrote a great article on the three requirements for true micro-segmentation. I encourage you to read it and caution you to understand this properly, as suddenly copycat competitors have introduced their own version of micro-segmentation attempting to jump on the bandwagon. At the end of the day these are merely “marketectural” changes to their same old approach.

Many of our customers now understand that to address this 15 – 20 year old network architecture issue, they need to build what Forrester’s John Kindervag coined as the Zero Trust security model. In fact, micro-segmentation is becoming one of the most important solutions in their defense in depth strategies. VMware NSX has become the platform and framework for enterprise security integration and VMware and our ecosystem of security partners are at the forefront of helping address this.

The ongoing journey with VMware NSX customers

It would be disingenuous to claim that everything has gone perfect with every deployment along the way. What I will tell you is that the level of commitment I’m seeing from our customers to be successful with NSX is unmatched.

That’s because NSX solves their most pressing challenges – not sometime in the distant future – but today.