By Tom Gillis, SVP/GM, Networking and Security Business Unit, VMware

EDITORIAL UPDATE: On March 31, 2021 VMware officially closed its acquisition of Mesh7. The blog post originally appeared on March 18, 2021 below and has been amended to reflect that announcement.

With the VMware Virtual Cloud Network, we are delivering a modern network that understands the needs of applications and programmatically delivers connectivity and security services to meet those requirements. The ultimate result is a better experience for both users and applications. We are furthering our efforts to make modern applications more secure with our acquisition of Mesh7, which closed today. The Mesh7 technology will enable VMware to bring visibility, discovery, and better security to APIs.

So why is this important?

Customers are driving app modernization to shed the legacy of monolithic applications, to free IT and developers from single, rigid environments, and to make every service, every team, and every business more agile. Modern applications require reliable connectivity, dynamic service discovery, and the ability to automate changes quickly without disruption as they extend across multi-cloud environments. Security teams and operators need better visibility into application behavior and overall security posture, and the developer experience needs to lead to more secure operations.

To support these initiatives, VMware is driving a new generation of modern application connectivity services leveraging open-source technologies. Early on, VMware realized Envoy would become the platform for next-generation security services. Envoy is an open-source Layer 7 proxy designed for large modern service-oriented architectures. Envoy is a foundational component of Tanzu Service Mesh, which provides consistent connectivity and security for microservices across Kubernetes clusters and clouds. Tanzu Service Mesh controls the communication between thousands of application components, enforces security policy and measures performance and other critical functions, regardless of the underlying infrastructure.

Application connectivity models, however, are moving towards API’s and Layer 7 constructs, and the API gateway is being integrated into developer workflows. VMware is seeing increased demand for a fully integrated API + service mesh product with Envoy as the foundation. The exact same Envoy architecture used in the initial service mesh use case can also control how one application can talk to another application via APIs.

Mesh7 has developed a contextual API behavior security solution based on Envoy that better protects modern cloud-native applications. Mesh7 technology helps customers improve application resiliency and reliability and reduce blind spots through the integration of deep Layer 7 insights with cloud, host, and reputation data. The Mesh7 solution empowers development, security, and operations leaders to address observability, security, and compliance for cloud-native, API-based, and other distributed applications.

With VMware plus Mesh7, VMware will be able to deliver modern application connectivity services that enable a developer experience that leads to more secure operations. The integration of Mesh7’s contextual API behavior security solution with Tanzu Service Mesh will enable VMware to deliver high fidelity understanding of which applications components are talking to which using APIs. Developers and Security teams will each gain a better understanding of when, where and how applications and microservices are communicating via APIs, even across multi-cloud environments, enabling better DevSecOps.

We’d like to welcome the Mesh7 team to VMware and and look forward to having them help us deliver an overall API solution that makes the developer experience for API’s more and more secure by default and easier to operate.



Forward-Looking Statements

This blog contains forward-looking statements including, among other things, statements regarding VMware’s intention to acquire Mesh7, the expected benefits of the acquisition and complementary nature and strategic advantages of combined offerings and opportunities after close. These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (1) the ability of the parties to satisfy closing conditions to the acquisition on a timely basis or at all; (2) market conditions, regulatory requirements and other corporate considerations that could affect the timing and closing conditions to the acquisition; (3) the ability to successfully integrate acquired assets into VMware; (4) the impact of the COVID-19 pandemic on our operations, financial condition, our customers, the business environment and the global and regional economies; (5) VMware’s customers’ ability to transition to new products, platforms, services, solutions and computing strategies in such areas as containerization, modern applications, intrinsic security and networking, cloud, digital workspaces, virtualization and the software defined data center, and the uncertainty of their acceptance of emerging technology; (6) competitive factors, including but not limited to pricing pressures, industry consolidation, entry of new competitors into industries in which we compete, as well as new product and marketing initiatives by VMware’s competitors; (7) VMware’s ability to enter into and maintain strategically effective collaborations; (8) rapid technological changes in the virtualization software and cloud, end user, security and mobile computing industries; (9) other business effects, including those related to industry, market, economic, political, regulatory and global health conditions; (10) VMware’s ability to protect its proprietary technology; (11) VMware’s ability to attract and retain highly qualified employees; (12) adverse changes in general economic or market conditions; (13) changes in VMware’s financial condition; (14) the continued risk of litigation and regulatory actions; (15) VMware’s relationship with Dell Technologies and Dell’s ability to control matters requiring stockholder approval; (16) the potential impact of Dell’s investigation of strategic alternatives with respect to its interest in VMware, including a potential spinoff and related special cash dividend; (17) the ability of VMware to utilize our relationship with Dell to leverage go-to-market and product development activities; (18) risks associated with cyber-attacks, information security and data privacy; and (19) disruptions resulting from key management changes. These forward-looking statements are made as of the date of this blog, are based on current expectations and are subject to uncertainties and changes in condition, significance, value, and effect as well as other risks detailed in documents filed with the Securities and Exchange Commission, including VMware’s most recent reports on Form 10-K and Form 10-Q and current reports on Form 8-K that we may file from time to time, which could cause actual results to vary from expectations. VMware assumes no obligation to, and does not currently intend to, update any such forward-looking statements after the date of this post.