VMware integrates AirWatch, NSX for hybrid cloud security

The latest VMware/AirWatch integration with NSX creates individualized virtual networks for enhanced security.

A new integration could simplify hybrid cloud security for VMware customers who access desktops and data on mobile devices.

Integration between VMware NSX, its network virtualization offering, and AirWatch's enterprise mobility management (EMM) platform enables "network micro-segmentation." This forms an individualized virtual network where users can only connect and access authorized applications. This cuts down on access to data centers that can crop up with gateway virtual private networks (VPN).

VMware had previously integrated NSX with VMware Horizon 6.1.

Software-defined data center technology from VMware allows for automatic provisioning of network micro-segmentation, as well as automated move/add/change for workloads and distributed policy enforcement.

VMware has an advantage as an infrastructure company in offering this type of integration along with its own EMM suite, which is something pure-play mobility vendors have to partner with outside companies to do, said Eric Klein, senior mobility analyst with VDC Research Group Inc. in Natick, Mass.

"It's an interesting value play that an infrastructure company like VMware can bring to the table," Klein said.

Customers may see this integration as a potential cost benefit more than a performance improvement, said Craig Mathias, founder of the Farpoint Group, a wireless advisory firm in Ashland, Mass.

"Performance is a given these days," said Mathias. "With more integration, this can be a one-stop shop for customers. … Cost is still top of mind."

VMware moves past traditional VPN

The way companies have implemented traditional gateway VPNs hasn't changed much in the last few decades and with the proliferation of mobility, IT needs to change its approach to avoid overloading data centers, said Noah Wasmer, CTO and vice president of product management for end-user computing at VMware.

"Sometimes the VPN is not provisioned the right way," Wasmer said. "It's very difficult to get visibility into the implications you're making when you add in another line of code."

Security is another potential benefit of the new platform, as AirWatch's identity management and per-app VPN controls are combined with the NSX network virtualization for hybrid clouds. With Horizon, each virtual desktop is firewalled at the VM level and security policies can be assigned to specific users or groups. These combinations could provide IT an added layer of secure access to applications, desktops and data.

"Security is an area where you are never done," Mathias said.

This combination is the "first stage" of deeper integrations between VMware and AirWatch around NSX, Wasmer said. He declined to provide further details about the product roadmap.

NSX-AirWatch integration comes at no additional charge to customers with VMware NSX 6.1 and AirWatch 8.0 or VMware Horizon 6.1.

Jake O'Donnell is the news writer for and Search He can be reached at [email protected]. Follow him on Twitter @JakeODonnell_TT.

Dig Deeper on Enterprise mobility strategy and policy