From On-Prem to Cloud: Building, Managing & Protecting Your Infrastructure


Many organizations have discovered that they overshot in their migrations to the cloud by not enabling a hybrid cloud model. It was my privilege to moderate the Bright Talk hybrid cloud session at VMworld 2019 U.S. The webcast is more relevant now than ever. Central to the discussion are operational and security lessons learned and the role of hyper-converged on the on-prem side of hybrid cloud. While the hour discussion is packed with goodies, you may find this Cliff Notes transcription of highlights useful.

BrightTALK @ VMworld U.S. 2019

Whether you’re starting on-premises or moving to the cloud, there are different challenges at different stages of the cloud migration process. A big part of making your migration successful and long-lasting is data protection.

Tune into this live panel discussion with experts at VMworld US to discuss:

  • Best practices for a hybrid cloud migration
  • Strategies for protecting your data in public and private clouds
  • Major cloud migration trends, tools and technologies in 2020 and beyond


We welcome you to this BrightTalk presentation webcast: “From On Prem to Cloud–Building, Managing and Protecting your Infrastructure.” Today’s session is sponsored by Presidio. I’m Dave Welch with House of Brick Technologies. I’m thrilled to have with me on the panel, Mark Vaughn, who is Senior Director of Integrated Services for Presidio. We also have Sheng Sheen, a work associate of mine from 12 years ago. He’s manager of partner solutions SEs for VMware. As well as Aaron Buley, who’s global director of VxRail Engineering Technologies for Dell EMC.


Dave: Let’s start with any announcements at the show.

Mark: VMware cloud on Dell EMC. I focused a lot of time over the last two, three years, working with Sheng directly on VMware cloud on AWS. And we’ve seen a lot of value for our customers in that. But there’s still a desire to have some of this infrastructure on prem, and not necessarily in the cloud.

Aaron: There are always some workloads that you may not be comfortable with putting in the cloud. And then there’s just some for business value reasons where if it’s a long term workload that you know, you’re going to be relying on and leveraging for years into the future, where you may feel a little more comfortable giving it a long term permanent home on prem.

A thousand times they said Kubernetes. It’s absolutely this dual world now. It’s VMs and containers and what they’re accomplishing. They’re in the middle of the day two keynote right now. And what they’re talking about on stage with Project Tanzu, and Tanzu Mission Control, and all that kind of stuff is next level, like this is about to take off.

Sheng: The adoption of containers, the movement from a monolithic application to a client server type application stack to multi-tier application stack, and now to micro services with containers. When I first attended DockerCon in 2017, in Austin, I was shocked by the enterprise customers that are implementing containers. You’ve got big companies, the oldest insurance company in the US–MetLife–implementing containers. Uber’s entire platform stack is using containers.

A lot of people think hypervisor is a common platform that we all use, which is true. But we’re continuing to add new features to it. Kubernetes is one. Adopting NSX as the software defined networking–virtualizing the network, it really changed the world of networking and security.

So you’re starting to see VMware proactively, aggressively attacking the security market. As Pat mentioned on his earnings call, he in a way said security is broken. There are numerous companies out there that have been hacked. The way that we protect our network and our data today, we’re looking in chasing the bad versus protecting the good. I think that’s where we’re changing the methodology to secure the application. So with AppDefense, for example, we’re going to whitelist the type of applications and ports, and all the things that we know about the workload.

Mark: And that’s a challenge that we’ve created for security, where it used to really be security kind of created a safe house. We put a lot of barriers in place. We put a workload behind it, and then we can know that that workload is safe. But with a hybrid cloud, that workload now moves outside of that safe house. It’s portable. So we need security models like what VMware is delivering for us that will protect the workload wherever it moves.

Sheng: And this ties back to your mention of NSX. Right, in order for us to do that, NSX is really making that possible. It provides that ubiquitous platform across on prem multi cloud, from on prem, off prem. And we do that by tagging, by applying policies to your workloads. And it’ll dynamically understand behavior, the workload, the SLA, the QoS of the workload, and be able to protect the workload no matter where you’re running that workload.

Aaron: The number one use case for the jumping off point for people getting into NSX: micro-segmentation–being able to have those firewalls east and west, and north and south and all over–just wrapped around that app no matter where it moves, rather than just having, as Mark was saying, the traditional way of having a firewall. Well, a lot of what happens from a security perspective happens east west within an environment.

Mark: One of our very first VMware cloud on AWS customers was an organization that grew rapidly through acquisition. Each acquisition had its own data center, its own infrastructure. The challenge was how to move and consolidate the physical hardware into a central location. There are a number of challenges that come along with that. You’re adopting someone else’s legacy, you have to figure out where they are, and trying to bring them up to speed with where you are, and then try to merge the environments. We were able to go to multiple locations and leveraging HCX. We were able to connect to their on prem locations, and connect that with a VMware cloud on AWS environment, and then migrate those workloads into the cloud. And establish a new policy going forward that with each acquisition, they will simply implement HCX in that new location, move those workloads into the cloud, and then turn off that newly acquired environment. And there will be no more shipping hardware back and forth all over the United States and around the world and expanding data centers to accommodate growth. The speed and efficiency of everything straight to the cloud is paramount because we’re able to move things much faster than other methods would have allowed.

That plays into the mindset of fail fast. Try everything that makes sense. And if it’s not working, you know, get rid of it. And the ones that do work, grow the infrastructure and prolong it. If you have four or five ideas, try all of them, spin them all up in the cloud. And three of them may not work, and that’s fine, you turn the infrastructure back off and you quit getting charged for it. The two that do work, then you need to make a decision. If these are going to live long term, do I want to continue leveraging them in the cloud or do I want to bring them back on prem. Because sometimes those long term workloads make more sense on prem. HCX and that hybrid cloud strategy that you can develop will allow you over time to realize–okay, this is going to be a long term two to three year workload. I want to move this back on prem. And again, that’s really where VxRail and giving you an easy to manage environment on prem. And in VMware cloud, on Dell/EMC, leveraging the same VxRail infrastructure, gives you an easy to manage place to move things back on prem.

I believe the public cloud is probably the best thing that ever happened to the on prem data center because it created a competition for the mindset of the business. And they realized that with public cloud, we can have simple, we can have easy. It forced the IT departments to provide that same capability on prem. We’ve seen hyperconverged add a lot of value to the on prem private cloud data center, because it gets the four or five silos of technology that they’re trying to piece together. The single solution now takes less time–it’s less management overhead, it’s less design overhead, it’s easier to orchestrate, easier to implement automation on top of. The environment puts less focus on the infrastructure and more focus on the workload and the business value. So you get that cloud-like value on prem. It was really the cloud that kind of pushed IT to have to develop solutions like that. And VxRail is an excellent example of how we can simplify things. The value in a large hybrid infrastructure is simplification and allowing you to put your focus, as Aaron said, back on where the business value is—moving up the stack.


Dave: Any new technology, any new method of doing things, any new infrastructure, any new approach has its false starts and its failures. Can you think of organizations whose hybrid cloud approaches, that they would have done it differently?

Mark: I would say some of the early mistakes were public cloud approaches that did not involve a hybrid cloud element. So it was a move everything to the cloud as quick as we can get there.

Dave: I’ve seen companies ricochet right back, even though there was nothing wrong with the infrastructure.

Mark: Sitting back and saying, this did and behaved exactly as they said it was going to. But it’s not the value we were expecting from it. A public cloud has taught us there are some workloads that work outstandingly well on the public cloud. But a few years in the public cloud have also taught us that there’s still some workloads that are just better run on prem and provide better business value on prem. The public cloud push taught us that it really should have been a hybrid cloud push. Not just because the cloud is a destination, and you want things there, regardless.


Dave: What other stories can you tell us about customers that have been pleasantly surprised by hybrid cloud enablement?

Mark: We began being able to leverage technologies like VMware to recover into a virtual environment. And that became faster and a little more simple. But you still had to have infrastructure reserved somewhere. And in the event of a disaster, you hope that you’re high enough up on the list that if 100 people show up at the door, you’re one of the 20 that are actually going to get hardware that day for recovery. With the cloud, we’ve seen that instant ability to grow. Add things right as you need them. Leveraging cloud for disaster recovery gives you the ability to scale quickly in the event of a disaster.

Sheng: It’s kind of bleeding edge. But we are seeing some that are entirely production ready in the cloud, and using their on prem environment as a DR solution.

Aaron: One of my favorites comes from Sandy Bryce at Bailey Gifford and Scotland. They’re all in on this hybrid cloud journey. He made me laugh when he said he moved from external storage to HCI. Processes that used to run 45 to 50 minutes completed in like three to four minutes. He was so convinced that something wasn’t set up and running correctly. That story tells the tale that from an HCI and cloud infrastructure perspective, we’re not even having performance conversations anymore, because it’s table stakes. It’s all about that vertical integration, and what are we delivering from a stack experience.

Mark: By way of summary statement, I’d have to paraphrase what Pat Gelsinger said from stage yesterday in the day one keynote. It was along the lines of saying that the technologist who understands hybrid cloud will own the next decade. You know, almost every reference we make to data center anymore, we replace that with hybrid cloud, recognizing that it’s about a single strategy and not about a location.
