By Sanjay Uppal, SVP & GM of VeloCloud BU, VMware
Providing access to enterprise applications for users who that are working from home, remotely as they travel or are away from the office has always presented challenges. These issues have been exacerbated as millions of people have been forced to work from home as a result of the current global pandemic, and organizations grapple with the new reality that the “office” as we know it may be changed forever. A Gartner, Inc. survey of 317 CFOs and Finance leaders on March 30, 2020* revealed that 74% will move at least 5% of their previously on-site workforce to permanently remote positions post-COVID-19.*
Some of the most common issues that have arisen as a result of these changes include:
- Inconsistent access: Remote and mobile users have a different relationship to enterprise applications compared to how they might use applications at a corporate office. The applications may not be accessible, only accessible via a VPN, which requires setup and enablement, and/or the access may only be available on certain device types (laptops vs. mobile devices, etc.)
- Poor user experience: Users may experience a confusing and frustrating set of authentication methods to connect—after they figure out the need to use a VPN. Once connected, they may find it hard to be productive as a result of a poor experience caused by high network latency, bandwidth contention and an over-stressed infrastructure.
- Stressed enterprise infrastructure: Enterprise IT teams are challenged with building and maintaining a multi-region VPN infrastructure. The user challenges described above contribute to the operational workload of the of the IT team who, at a minimum, have to handle case load and user training. Additionally, this infrastructure must now quickly scale to provide secure connectivity to an increasing number of users working from home.
VMware has long been a pioneer in the area of cloud-delivered intrinsically secure access, both through our VMware SD-WAN platform for branch office connectivity and through VMware Workspace ONE, our digital workspace solution. VMware was named a leader for the second year in a row for its VMware SD-WAN™ by VeloCloud® and VMware Workspace ONE solutions in the 2019 Gartner Magic Quadrant for WAN Edge Infrastructure ** and Gartner Magic Quadrant for Unified Endpoint Management Tools***, respectively.
Today, we’re excited to announce that VMware SD-WAN and Workspace ONE will be integrated to deliver Zero Trust as a service, making delivery of intrinsically secure access for remote and mobile workers faster, easier, and better than ever before. With both products being recognized as industry-leading in their respective areas, this new offering will bring together best of breed elements to create a unique, field-proven intrinsic offering for enterprise IT.
The VMware Secure Access solution will be delivered through our global network of service nodes deployed across more than 100 global locations, operated by both VMware and more than 120 telecom service provider partners, while leveraging VMware Workspace ONE Intelligent Hub, which is used today on millions of devices. This new global service will align with the VMware focus on connecting any user to any application in any cloud at an unprecedented scale.
VMware Secure Access
Augmenting the existing SD-WAN service offering, this new VMware Secure Access solution will be designed to address enterprise concerns over inconsistent access, poor user experience, and stress on enterprise infrastructure. It will provide a multi-region, per-application VPN service for iOS, Android, Windows and MacOS clients, with role-specific policies allowing for persona-based controls.
VMware Secure Access will provide secure remote access to mobile users leveraging the VMware SD-WAN global network and VMware Workspace ONE endpoints
VMware Secure Access Benefits
- Consistent, always-on, intrinsically secure access: With VMware Secure Access and Workspace ONE’s Zero Trust Network Access (ZTNA), a user will always be connected to enterprise applications. ZTNA vets and grants users and devices policy-based access centered on the user and device identity for each connection. If the user is within the branch or corporate network, the VPN service will automatically be paused. If the user works from home (or goes on the road) and tries to connect to their administrator-allowed applications, the network connectivity will transparently and automatically be applied with secure trust established with the device, and additional authentication (e.g. multi-factor authentication) can be applied as needed. Customizable per-client application policies can be fine-tuned to only bring what is needed to the remote access service, lowering user acceptance friction due to privacy concerns.
- Productive work experience: The remote access client automatically will connect to the closest VMware SD-WAN cloud PoP, and the user traffic (based on enterprise policy) may be passed to a cloud firewall, a web security service, to another enterprise branch or data center to an application or service they need. Note that only enterprise traffic will go to the enterprise site with personal traffic being forwarded directly to the internet. The idea here is to avoid latency inducing hairpinned paths through an enterprise data center where strained VPN appliances might have been hosted in the past. As the traffic integrates into the VMware SD-WAN, the benefits of its unique Dynamic Multipath Optimization™ (DMPO) will help protect the traffic against latency, loss and bandwidth contention.
- Efficiency for IT teams: Routing policy and security controls will remain in the hands of the enterprise while the VMware SD-WAN cloud service handles scaling, management, upgrading and multi-region VPN service presence. In our current climate, it can be difficult and expensive to scale quickly, especially in a multi-region way. The easier, productive user experience and the offloading of the service allows IT teams to focus on more complex and critical tasks for the business.
Join the Journey
Earlier this year, VMware launched a Work @ Home initiative that includes a 3-month software subscription to VMware SD-WAN and hardware rental to enable optimal application delivery for users working from home. The VMware SD-WAN Zero Trust Service offering will expand connectivity options for remote and mobile workers. Over the next several months we will announce further integrations and deepening of the service as we continue on our cloud-native SASE journey. Check out the white paper for more information or reach out to your VMware sales team to find out more!
*Gartner Press Release, Gartner CFO Survey Reveals 74% Intend to Shift Some Employees to Remote Work Permanently, April 3, 2020, https://www.gartner.com/en/newsroom/press-releases/2020-04-03-gartner-cfo-surey-reveals-74-percent-of-organizations-to-shift-some-employees-to-remote-work-permanently2
**Gartner, Magic Quadrant for WAN Edge Infrastructure, November 2019
***Gartner, Magic Quadrant for Unified Endpoint Management Tools, August 2019
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.