VMware is making a point these days of expressing support for multi-vendor hypervisors. Can you tell us about that and what might be the security limitations around it related to NSX?
Our goal is to change the network and we have to integrate with everything the network touches. Our charter is not to sell vSphere, it's to change the network. We need to be at each point-of presence in the network to do that. There are heterogeneous hypervisors deployed today, and physical workloads that aren't virtualized. Xen, KVM, Hyper-V -- we've got customers with OpenStack KVM deployments. NSX is an independent technology, a software layer that runs on servers at the edge, running on Xen, KVM, Hyper-V or control top of rack switches. Some of these platforms we don't totally control, like Linux. We have to go to the community upstream in a process for them to consider it. It may take time. In security services we can do what we want with ESX, we own the bits. With KVM, we have to go through the Linux community. There may be differences in time when some security services are available. There's a distributed firewall that runs in the hypervisor, available in ESX but not KVM. It will take upstream support. But eventually, all will be available on all platforms.
As you are likely aware, the tech press covering the NSX announcement this week, based on analyst input about it, widely reported NSX network virtualization as VMware bumping up against Cisco in a battle over software-defined networks. Can you comment on that?
The deepest relationship VMware has with any hardware vendor is with Cisco. You have VCE. They're a very strong partner. We need physical infrastructure as we send packets around. We love Cisco! NSX is totally compatible with Cisco products. That said, partnerships all evolve at their own pace and have their complexity.
HP made news this week as supporting NSX. What are they doing?
HP is doing a technical integration on top of Rack Switch to include it in the NSX environment. We will never do physical switches...
Back to NSX Service Composer, we heard this week that there's an ambitious plan to have the various vendor software products tied to NSX, such as antimalware or intrusion-prevention, be able to share security information to somehow automate a response among products. That would be rather unusual. How would that actually work?