The term “Edge” is very broad. Dell Technologies define “The Edge” as “wherever the digital world and physical world intersect, and data is securely collected, generated and processed to create new value”. People working at home individually, a router, a smart speaker, GPU farms, IOT devices, or sensor data are all things that might fall under the umbrella of Edge. Certainly, the numbers of devices attached at the edge are exploding and will continue to rise sharply as technologies like 5G become mainstream. Gartner predicts that, by 2022, 75 percent of enterprise-generated data will be created and processed outside a traditional data center or cloud, up from around 10 percent in 2018. So how do businesses approach this proliferation at the edge, and how can VMware assist in this challenge? Below are some key trends I’d like to address.
Compute at the Edge
When I speak about compute at the edge, people tend to gravitate towards a router, a Raspberry PI or perhaps a device like a NUC – and whilst these are all valid, the next wave is Smart NICs, FPGAs, and GPUs. For example, the rise of Hyperconverged platforms as a technology have been fantastic and transformational for customers; however it has come at a cost to ever more precious CPU cycles to now perform network, storage, and security functions, which previously were performed by dedicated hardware. By introducing technologies like SmartNICs, they allow the offload of network traffic to this dedicated hardware, and thus save CPU cycles.
Another example is the effectiveness of using GPUs vs CPUs for deep learning, machine learning or AI. To use a basic analogy, typically GPUs are bandwidth optimized, whereas CPUs are latency (memory access time) optimized. What that means practically is whilst GPUs might be slower, they can process much more data than the typical CPU in one turn, which is far more effective to process big data. Traditionally, companies have turned towards ASICs and dedicated hardware for this task; however, technical advances in networking have made it possible so that network backbones are more than capable of being the “Bus” to connect things like GPUs together. GPUs, ASICs and other dedicated hardware are expensive, so being able to connect these devices over a commodity “Bus” and then being able to virtualize them to make them accessible is bread and butter VMware! It’s the reason why VMware Bitfusion technology is so key to make use of these special purpose devices wherever they are, and make them accessible for your applications and developers.
Security at the Edge
The second aspect I want to cover is how our security postures need to change to accommodate the proliferation of devices and data at the edge. I see some key trends here that must be considered.
Firstly, our network security postures are being turned inside out; an example of this is right now – with our staff working from home, SAAS apps, and cloud based services, we are going to have more assets outside the fence than inside. This is certainly going to be the case with edge. Devices like sensors rarely have enough CPU or memory to put any kind of security or agent on the device; security in these instances actually means download the latest firmware, which isn’t very effective in practicality. The answer to this puzzle comes down to truly implementing a Zero Trust model.
The Zero Trust concept is that organizations should not automatically trust anything inside or outside its perimeters. Essentially, all access should be cut off until the network knows who you are and that you are safe. This is a concept VMware are well adept at and have mature solutions for. Workspace One is a trusted platform organizations use to secure devices and the applications delivered to them. Many aren’t aware that the list of use cases for Workspace One and the Workspace One Trust Network is ever expanding — an example being the ability to manage devices like vending machines, smart glasses and other non-traditional devices. Carbon Black bolsters our efforts to ensure devices are secure, and neatly integrates with Workspace One today. Zero Trust starts with the edge devices and making sure those devices are patched, updated, trusted and secure.
The second aspect of Zero Trust is adopting concepts like micro-segmentation, SD-WAN and turning your security posture from a “chasing bad” to a “known good” approach. We know at the edge there is going to be large amounts of data being processed. Some of that data will need to be filtered and moved on to big data platforms for further analysis. It often is an impediment to rapid processing, to back haul all that traffic and then to push out a central firewall to the cloud. The ability to perform this at the edge, along with other benefits such as connectivity for over the air updates are some of the benefits that SD-WAN brings. The ability to ensure that every single workload, be that a container or VM, has a “known good state” and be able to monitor that state for anything bad is a fundamental change in security posture companies must adopt. Finally, being able to use that intelligence to micro-segment every workload, and being able to enforce Zero Trust ensures that you can quickly and effectively react, should something go bad at the edge.
Final Thoughts
Managing the Edge is more than just securing a few devices at remote sites. The Edge will redefine how we see security, our networks, our data centers, our EDM strategy, and more. The benefits of Edge is critical for businesses to harness, in order to create new value from the data they collect and process. Hopefully in this article you have seen some ways VMware are helping you to secure the edge, embrace big data, more effectively use devices like SmartNICs or GPUs to create value, and transform your data centres to make the most of this trend.
Matt Lammi is a pre-sales Senior Systems Engineer for VMware in Queensland, Australia. He is responsible for representing and driving value from the entire VMware product portfolio for his customers. He works for his customers to architect solutions to business problems that enable them to digitally transform, and be ready for what’s next across the whole technology landscape. He is also part of the CTO Ambassador program for VMware, leading the Diversity and Inclusion efforts for Queensland. Matt is also part of a specialist engineering team focused on deep product expertise and field advocacy for VMware products.
