VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features

0

***Update*** The Download links for vSphere 6.7 Update 1 have been posted***

One of the major news items coming out of VMWorld and no doubt the first of many to come is the introduction of vSphere Platinum and vSphere 6.7 Update 1! VMware has started off VMWorld with a band already with the introduction of vSphere Platinum and vSphere 6.7 Update 1 with exciting new features and functionality that take VMware vSphere to the next level and basically brings everything together especially with the new fully functional HTML5 client! Let’s take a look at VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features to see what is included with these vSphere releases as they are no doubt exciting releases for the vSphere family of products.

VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features

First things first, what is VMware vSphere Platinum?  VMware has no doubt shown with recent product releases and features that it is serious about security as a focus.  VMware vSphere Platinum meets these security threats head on with a comprehensive solution for securing the digital transformation that most organizations are undergoing.

Challenges with security include being able to address these security issues effectively and efficiently.  Also, being able to operationalize security in a seamless and transparent manner is often difficult to do.  Traditional security models that have protected organizations for years now are simply no longer effective and must be replaced with next generation concepts and methodologies.

VMware-vSphere-Platinum-and-vSphere-6.7-Update-1-Released-New-Features VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features

VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features (image courtesy of VMware)

VMware vSphere Platinum

In steps VMware vSphere Platinum edition.  This is a new edition of vSphere that delivers the needed advanced security features that organizations today must have in their environments and includes these into the hypervisor itself.  At the heart of VMware vSphere Platinum is VMware AppDefense.

With AppDefense, VMware is leveraging capabilities in the hypervisor and machine learning in a way that makes security simple and easy to operationalize.  AppDefense allows creating a baseline of a virtual machine’s known good state and secures virtual machines by monitoring the VM to look for any changes in this known good state.  Malware and other threat vectors that can compromise key files, services and other components of a virtual machine which represents a change in this known good state.

This combination of the latest vSphere and AppDefense compromises vSphere Platinum edition which enables vSphere administrators to have a simple way to secure virtual machines in their organizations.

VMware vSphere Platinum is basically a marrying of VMware vSphere Enterprise Plus with AppDefense included, however is not simply just the two together.  You get a special vCenter Server plugin that allows a tightly integrated experience between the two from a management and operational perspective.

VMware vSphere Platinum Benefits

The following are a list of benefits that are brought to the table with vSphere Platinum edition:

  • See the intent of VMs running in the vSphere environment.  Using machine learning, AppDefense is able to see any state changes and possible malicious environment behavior with the virtual machine.
  • See how applications in your environment behave normally and what abnormal behavior might look like
  • Reduce the attack surface across the virtual infrastructure
  • No agents
  • Leverages the power of vSphere that administrators are already familiar with
  • It enhances existing security tools in the organization
  • Reduces false positives
  • Allows vSphere and security team members to interact effectively and efficiently

Components of VMware vSphere Platinum

VMware vSphere Platinum contains the following core components:

  • VMware AppDefense – Machine learning powered security mechanim that analyzes the integrity of running virtual machines against a known good state.  Guest operating systems are locked down for applications.  Any deviations from the known good state are detected and prevented which maintains the integrity and security of the virtual machines.  This allows for detailed visibility across the board for change management, compliance, and helps to mitigate attacks in the environment.
  • Secure Data – FIPS 140-2 Validated VM Encryption, and cross-vCenter Encrypted vMotion – Secure industry standard protection for vSphere
  • Secure Boot for ESXi – helps protect the integrity of ESXi hosts with code signing
  • Secure Boot for Virtual Machines – Protects guest virtual machines from tampering from malicious code and other attempted attacks
  • Support for TPM 2.0 ESXi – allows remote host attestation
  • Virtual TPM 2.0 – provides the necessary mechanism for securing guest operating systems
  • Support for Microsoft Virtualization Based Security – New features that include credential guard from Microsoft which can now run on top of vSphere.
  • Audit Quality Logging – Provides unprecedented visibility in the vSphere organization

VMware on AWS credit – In order to accelerate the adoption of vSphere Platinum, VMware is offering to customers that purchase 5 or more CPUs of vSphere Platinum a credit of $10,000 in VMware AWS service.

VMware vSphere 6.7 Update 1

This is the release that all vSphere administrators have been waiting for – VMware vSphere 6.7 Update 1.  This is a complimentary release to vSphere Platinum edition and includes some powerful new key features that take vSphere to the next level.

  • New Fully functional HTML5 client! – This is what we have all been waiting for – a fully functional HTML5 client that means we no longer have to use the FLEX client.  This is certainly a day to celebrate!
  • Upgrade path from vSphere 6.5 U2 to vSphere 6.7 Update 1
  • Enhanced support for NVIDIA Quadro vDWS powered VMs and support for Intel FPGA
  • New vCenter Convergence Tool
  • New vSAN version
  • Enhanced vSphere Content Library
New-VMware-vSphere-6.7-Update-1-Features VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features

New VMware vSphere 6.7 Update 1 Features (image courtesy of VMware)

VMware vSphere 6.7 Update 1 Fully Functional HTML5 Client

All administrative functions have now been completed and brought to the HTML5 aka vSphere Client.  No longer do administrators have to shift back and forth between the FLEX (flash client) and the HTML5 client.  Up until now these have included using the vSphere Update Manager (VUM) for updating VMware tools and setting up a vCenter HA cluster, etc.  No more multiple administrative workflows!

Upgrade Path from vSphere 6.5 U2 to vSphere 6.7 Update 1

One of the downsides when vSphere 6.7 was released was the news that the vSphere 6.5 U2 release would not be able to be updated to vSphere 6.7.  With the release of vSphere 6.7 Update 1, the vSphere 6.5 U2 to vSphere 6.7 Update 1 is now a fully supported upgrade path.

VMware vCenter Server Convergence Tool

The new vCenter Server Convergence Tool allows administrators to migrate from an external Platform Services Controller (PSC) architecture to the simpler embedded PSC architecture.  This drastically simplifies the vCenter Server model by lessening the amount of VMs running the vCenter architecture, no more load balancers for HA and no multi-site replication.    New support for Enhanced Linked Mode (ELM) with embedded PSCs for vSphere 6.7 and vSphere 6.5 U2 has been announced as well.

The way the new tool works is an embedded PSC is installed on teh vCenter Server Appliance and a replication agreement is established between the embedded PSC and the external PSC.  One replication between the two is complete for all vCenters, the external PSC can then be decommissioned.

Currently, the Converge Tool only supports vSphere 6.7 so you will need to upgrade first to vSphere 6.7 to take advantage of the new architecture.

Enhanced VMware vSAN and HCI

A new cluster quick start wizard has been added that allows getting up to speed quickly with a cluster configuration including configuraiton of HA, DRS, vSAN and other network configuration needed for those cluster specific services.

I/O controller firmware updates can now be performed with VUM. This allows a much safer and faster cluster remediation all from one single interface and single operation.

Duncan Epping has a great new post on the new vSAN 6.7 Update 1 features one of which is the UNMAP feature that has been introduced. Duncan goes through this new feature in detail.

Another new feature in the vSAN Beta which is coming up is Data Protection, File Services, and Persistent Storage for Containers.

Enhanced Content Library

New improvements to the content library in vSphere 6.7 Update 1 enables importing OVA templates from a HTTPS endpoint and local storage.  Also, importing verifies the certifcate of the OVA bundle.  It also now natively supports VM templates (VMTX) and associated operations such as deploying a VM directly from Content Library.

vMotion for NVIDIA Quadro vDWS and Intel FPGA Support

New improvements with VMware and NVIDIA collaboration to significantly enhance the operational flexibility and utilization of virtual infrastructure that makes use of NVIDIA Quadro.  Additionally, there is new support for vMotion operations and FPGA accelerated workloads.

Takeaways

The highlights coming out of VMWorld are already exciting so far with the news of VMware vSphere Platinum and vSphere 6.7 Update 1 Released New Features.  The new VMware vSphere Platinum version is focused especially on security and helping organizations to operationalize cutting edge security in their organizations at the hypervisor level with AppDefense.  VMware vSphere 6.7 Update 1 is a powerful release that finally introduces the fully featured vSphere Client (HTML5) client that we have been waiting for so long!  Additional features and functionality are also included that make this a worthy upgrade if you have been waiting to upgrade to vSphere 6.7.  More news to come as we hear it!