A recently conducted survey of hundreds of VMware, Inc.‘s customers sheds light on growing concerns they have about the state of the virtualization software and the company behind it – ranging from rising licensing costs, ransomware vulnerabilities and a diminishing quality of support.
VMware
VMware users anxious about costs and ransomware threats
VMware customers have growing concerns about the state of the virtualization software and the company behind it – ranging from rising licensing costs, ransomware vulnerabilities and a diminishing quality of support, according to VergeIO.
Exiting VMware to Eliminate High Storage Costs
Storage, an integral part of a VMware infrastructure, often consumes a hefty chunk of the IT budget, and exiting VMware to eliminate high storage costs may be the best strategy. Exiting VMware can reduce primary storage costs and investments in secondary storage like backup and archive. A VMware alternative can provide better ransomware resiliency and data protection, reducing backup software investments.
Most IT professionals think that high storage costs come from being forced to invest in high-performance dedicated all-flash arrays (AFA). VMware’s vSAN and Nutanix’s hyperconverged infrastructure (HCI) products were supposed to lower storage costs by enabling IT to use off-the-shelf storage media while maintaining enterprise-class features, performance, and availability. Both products fell well short of the goal and, in most cases, are as expensive as the legacy three-tier architecture.
Why Does VMware Have High Storage Costs?
So, what should storage realistically cost? A 15.3 TB NVMe SSD is priced at less than $1,500, meaning 300 TB of high-performance storage comes in at about $30,000.
Why, then, is it well over 5X to 10X that amount to add 300TB of flash capacity to a VMware environment? Dedicated arrays have to cover the cost of the components already in the environment (CPU power, networking, memory). HCI hasn’t lived up to expectations, either. These vendors still charge too much for their software, which doesn’t deliver the enterprise-class performance or capabilities that IT demands, so IT must overcompensate with more hardware and additional drives.
Decoding the High Storage Costs
The above mentioned, $30,000 should be the entire cost to add 300TBs of high-performance storage. Most customers have plenty of excess storage bays in their physical hosts, so they should be able to add these twenty drives without additional hardware costs.
If HCI vendors offered common sense licensing, there would be no additional software charge. The problem is that vSAN and Nutanix don’t have common sense licensing; they constantly charge for add-ons. From a technical perspective, they can’t easily handle adding a mixture of different storage device types to existing servers; they can’t deliver the hundreds of thousands of IOPS potential of the storage, and these solutions often lack the enterprise features that customers expect.
The combination of the failure of HCI to cut costs and the subsequent need for a high-end all-flash array (AFA), balloon the VMware storage budget. The cost of dedicated storage is negatively impacted by:
- Markup Pricing: Despite some genuine costs involved in their strategy, dedicated storage array vendors charge exorbitantly for their capacity.
- Performance Requirements: Their software inefficiencies necessitate powerful processors to maintain the array’s pace with the performance potential of the media they insert into it.
- Feature Implementation: Functions such as deduplication, snapshots, and data protection, while beneficial, are also inefficient and strain performance, demanding even more RAM and processing power.
- Unnecessary Server Expenses: Often, organizations have servers with empty drive bays. Despite this, they purchase and maintain separate powerful “storage servers,” incurring extra costs.
The High Cost of Data Protection
Exiting VMware to eliminate high storage costs may also allow you to reduce the high cost of protecting VMware. Because of the inefficiencies in the HCI and dedicated storage array software, customers must also invest heavily in backup and recovery architectures, which include the backup software itself, a backup storage target, and a long-term object storage-based system to immutably store backup data so that it is protected from a ransomware attack.
Ironically, all of the investment in backup infrastructure has done little to stem the tide of ransomware. According to a recent VergeIO survey and study:
- It takes most customers 3+ weeks to recover from a ransomware attack
- It takes most customers 3+ days to realize they are under attack.
If the infrastructure can’t warn you it is under attack and takes days to realize it is happening, then almost every snapshot contains encrypted data, as do most backups. Pulling the correct data out of these backup copies is manual and time-consuming, which is why most recovery efforts take more than three weeks.
VergeIO’s Ultra-Converged Infrastructure: Eliminating High Storage Costs
VergeIO introduced VergeOS, an ultra-converged infrastructure solution to address the high storage costs dilemma. Boasting a unified, efficient code base, VergeOS promises:
- Cost Efficiency: Customers can install server-class media like 15.3TB SSDs in their existing servers for a fraction of typical HCI / dedicated array costs while gaining over 300TB of storage capacity.
- Enhanced Performance: With these drives, users can potentially achieve over a million IOPS with improved data protection.
- Deduplication: Integrated into its core, VergeOS’s global inline deduplication incurs minimal CPU or RAM overhead.
- Snapshot Technology: Powered by IOclone technology, VergeIO’s snapshots act more like data clones, making them a viable backup solution. Add to that, IOfortify, and you have infrastructure-wide ransomware protection.
- Virtual Data Centers: VergeIO’s unique Virtual Data Center (VDC) technology encapsulates the entire data center and simplifies tasks like patching, disaster recovery, and ransomware resiliency.
The Verdict: Should You Turn Off Your Array?
For those using HCI, the benefits of VergeOS – from superior performance to reduced costs – make the switch compelling. VergeOS installs on the existing HCI hardware, breathing new life into it while improving performance, data protection, and ransomware resiliency. VergeIO features common sense licensing. VergeOS is licensed per physical host, not the number of processors, cores, RAM, or storage capacity. One license per physical server, and it includes all of the capabilities.
Even dedicated storage array customers will find it more cost-effective to change when weighing the high maintenance costs against VergeOS’s offerings. Most AFA customers tell us they can switch to VergeOS for considerably less than the cost of their current maintenance contract. Combine that with the cost savings of exiting VMware; these customers typically report a 50% reduction in TCO. As one customer said, “I’ll save money just by turning my AFA off.”
In conclusion, making informed decisions is crucial as the IT landscape evolves and storage costs skyrocket. Exiting VMware and considering alternatives like VergeOS can extend the savings beyond the VMware license. Many customers find their storage cost savings justify the migration while paving the way for enhanced performance and greater data resiliency.
Exiting VMware to eliminate high storage costs is one of many reasons to consider a VMware alternative, but you need to take a step-by-step approach. Join us for our webinar, “How to Exit VMware Step-by-Step,” for practical advice on how to develop a VMware exit strategy at a pace that makes sense for your organization.
The Impact of VMware’s Inefficiency
Licensing costs contribute to VMware’s total costs, but IT professionals almost always underestimate the impact of VMware’s inefficiency. They listed licensing costs as their primary concern in our recent survey. Still, other concerns, like required premature server and storage upgrades, lack of virtual machine density, and continual investments in backup infrastructure, highlight its inefficiency.
VMware’s inefficiency is brought on by years of plugging holes in the product through a never-ending series of bolt-on fixes, which often increases licensing costs and requires more hardware than necessary and more IT professionals to manage an increasingly complex environment. Even if VMware were to freeze its prices or even lower them, the ripple impact of its inefficiency makes a VMware exit to a more efficient alternative platform a wise strategy.
Understanding the Layers of Data Center Infrastructure
Most vendors divide the data center infrastructure into three layers. A hypervisor like VMware ESXi virtualizes the compute layer. A storage layer that in most medium to large-sized data centers is a dedicated storage array because of the shortcomings of virtualized storage products like VMware’s vSAN, and a networking layer that is built using proprietary networking hardware because of the expense of software-defined networking solutions like VMware’s NSX.
While it isn’t forgotten about, there is a fourth layer that is, for some reason, not included in the typical infrastructure discussion: backup and disaster recovery. In theory, with the right hypervisor software and storage capabilities, there should be no need for this to be a separate layer. Still, because of shortcomings, most organizations invest a large part of the IT budget into it.
The Impact of VMware’s Inefficient HCI
VMware started as a server virtualization and consolidation solution. Before VMware, each application ran on a dedicated server. VMware made it so IT could safely run multiple applications on a single server as virtual machines (VM). The idea behind hyperconverged infrastructure (HCI) is to extend that concept and eliminate the need for dedicated storage arrays and network appliances by moving the software that drives these dedicated appliances onto the same set of servers that VMware was using.
In the same way that VMware lowered costs by eliminating the need for a server for every application, HCI should lower costs by eliminating the need for a dedicated set of appliances for every aspect of storage and networking. The impact of VMware’s inefficiency means that most data centers have chosen not to use HCI and instead continue to use a legacy three-tier architecture. The problem is that most HCI vendors continue to use ESXi and run their storage or networking software as a virtual machine under ESXi, meaning they must navigate through the same VMware tax overhead as virtualized applications.
The result is HCI has not achieved the price advantages nor the operational simplicity that the original entrants into the market claimed. As a result, the legacy three-tier infrastructure is still the most common architecture in data centers.
HCI’s Inefficient Networking Problem
HCI also has an east-west inter-node network issue since storage and network operations must coordinate separately across all the cluster servers. Since each of these services is separate from the hypervisor, it triples the amount of inter-node communication, which limits scalability.
Because of the impact of VMware’s inefficiency, HCI networking limitations go beyond east-west traffic issues. In most cases, HCI vendors offer almost no additional network functionality besides what is embedded into the hypervisor. Or, in the case of VMware’s NSX, which is reasonably robust, it is not included as part of the hypervisor, and the add-on cost significantly increases the VMware license cost. In a recent blog, VMware suggested the best way to overcome its ransomware vulnerabilities was to deploy NSX, which, not coincidentally, almost triples the cost of the license.
VergeOS Eliminates the Layers
VergeIO is Ultraconverged Infrastructure; instead of re-creating the data center layers in software, VergeOS unifies them, including secure data protection, into a single code base that dramatically increases efficiency. Its efficiency lowers costs, enabling IT to do more with its existing resources while simplifying operations. Most customers can reduce physical server demand by 30% or more, which means running existing servers longer and ordering new servers less frequently.
VergeOS provides complete Layer 2 and Layer 3 network functionality, eliminating the concerns over east-west traffic contention and the need for separate network appliances. It also eases administration as network management becomes a seamless part of the data center infrastructure.
The Impact of VMware’s Inefficient Storage
Most HCI vendors are storage vendors in disguise. They make a storage software solution that can run as a VM within a hypervisor, typically VMware. These solutions, including vSAN, suffer from performance issues, partly because of vendors’ VMware performance tax and odd development choices.
Like HCI in general, storage, specifically in this architecture, should deliver rather significant cost savings and deliver better performance with the right architecture design. IT should be able to add capacity to their existing servers for a fraction of the cost of a “shelf upgrade” using a dedicated storage array. However, the impact of VMware’s inefficiency is felt most severely when HCI tries to provide storage performance and services comparable to a dedicated storage array.
In the survey above, we spoke to a customer looking to add about 300TBs of storage to their three-year-old All-Flash Array. HCI, if it had an efficient storage capability, should eliminate the AFA from consideration because the customer had several servers with twelve or more available storage expansion bays.
A 15.36TB NVMe SSD can be easily had for about $1,500. That means the customer can get 300TB of raw NVMe capacity, delivering well over one million IOPS for about $30,000, and insert them into the empty drive bays in their existing servers. When asked what it would cost to add 300TB of raw capacity to their Pure Storage array, they said at least 10X that cost.
As you can see, storage should be the area where HCI enjoys a significant price advantage, but again, like in other areas, it falls short:
- Since most HCI vendors are storage vendors, charging by the amount of capacity in use, the cost to add storage to HCI quickly rivals that of dedicated storage arrays.
- Most HCI solutions can’t add storage to available drive bays on just a few servers in the HCI instance. The capacity must be added to all the servers, or the customer must buy additional servers that match those in place.
- HCI inefficiencies mean the solutions can’t reach anything close to the performance potential of NVMe flash drives.
- Using storage services like deduplication, data protection, and snapshot retention times, further impacts storage and compute performance.
As an example of how storage services impact HCI’s efficiency, look no further than deduplication. While most HCI solutions support deduplication for capacity efficiency, in most cases, it is a bolt-on solution and not part of the original code base. VMware vSAN, for example, added deduplication years after it first appeared on the market. Nutanix’s deduplication appeared almost a decade after the product first shipped.
As a result, using deduplication from these vendors typically requires the addition of more powerful processors, additional memory, and, in some cases, changes to data protection strategies.
Limitations and compromises are the impact of implementing almost any storage feature as part of a virtualized environment:
- Snapshots are limited to 32 total, and the best practice is not to have a snapshot that is older than a few days.
- Data protection from media failure is complex and takes an undue toll on inter-node connectivity.
- Replication for disaster recovery almost always requires a separate product.
VergeOS Supercharges HCI Storage Performance
Storage services are built into VergeOS and run as an equal citizen to the hypervisor instead of a subservient VM. Storage capacity can be inserted into nodes “post-facto” or storage-mostly nodes (a couple of processors and storage) can be added to the existing instance.
VergeOS provides a complete suite of storage services like deduplication, replication, and unlimited snapshots that can act as backups because they are more like clones, than traditional snapshot technology. Because storage is an equal citizen in VergeOS, our storage software is equally efficient and overcomes the challenges IT faces with VMware’s inefficient approach to storage. All these services can run without impacting performance, limiting their use, or forcing IT to make compromises elsewhere.
It is essential to highlight the VergeIO common sense licensing model. VergeOS is licensed by the physical server, not the number of processors, cores, amount of RAM, or storage capacity. In the above example, the customer can add 300TB of capacity with zero additional licensing charge.
The Impact of VMware’s Inefficient Data Protection
VMware also provides a very inefficient means of data protection, forcing all customers to create a separate backup and disaster recovery infrastructure. While it has basic protection from media failure and the ability, at an extra cost, to migrate VMs if a physical server fails, its snapshot capabilities are anemic at best. And their own best practices state, “Do not use VMware snapshots as backups.” For the most part, VMware’s snapshots are only used one at a time to provide data to a backup application and then quickly removed for fear of negative performance impact.
As a result, most customers implement separate backup software, which sends data to a separate backup storage area, which then must send it to another immutable backup storage area to protect against ransomware. These customers typically have a separate disaster recovery (DR) solution replicating data to a DR site. VMware’s inability to adequately protect itself is the cause of all of this additional investment in data protection.
The backup and recovery infrastructure becomes a separate cost and management point, often requiring specialized IT personnel. However, this additional investment does more than add to the total cost of VMware’s inefficiency. It complicates other tasks, such as patch upgrades.
For example, in our survey, we spoke to a VMware customer using HPE Zerto as a more powerful disaster recovery tool because of concerns about VMware’s ransomware vulnerabilities. There is an obvious cost concern with Zerto, but this customer’s current experience highlights a concern with the bolt-on approach caused by VMware’s inefficient approach to data protection.
In this case, the customer had a critical patch from VMware that closed a vulnerability in ESXi to a known ransomware exploit. However, they found that Zerto was not yet compatible with this latest release of VMware, and it would be at least three months before they were. The use of bolt-on technologies forces the customer into an awkward position. Do they deploy the VMware update and go without disaster recovery for three months, or do they keep disaster recovery working but put the organization at risk for a known ransomware exploit? While this situation does not increase the customer’s hard cost, the impact of VMware’s inefficiency certainly increases their mental overhead and anguish.
VergeOS is Secure and Resilient
Unlike VMware’s inefficient ransomware protection, VergeOS was built from the start to be a secure infrastructure software. The OS itself is hardened against attack. When combined with virtual data centers, immutable snapshots, and rapid alerting of encryption activity, customers can bounce back from ransomware threats in minutes with no data loss.
Conclusion
While licensing costs are a valid concern, the total cost of VMware’s inefficiency goes well beyond the surface. Inefficient HCI, storage, and data protection layers contribute significantly to operational complexity and expenses. VergeIO’s innovative approach with VergeOS offers a comprehensive solution that eliminates these inefficiencies, reducing costs, and simplifying operations. As data centers evolve, it’s essential to consider alternatives that optimize efficiency and empower IT professionals to do more with existing resources.
To learn more about how VergeOS can revolutionize your data center, watch our on-demand webinar as we discuss the results of our survey of almost 200 VMware customers and provide a live demonstration of VergeOS recovering from a ransomware attack.
Exit VMware Without a Server Refresh
According to our recent survey, one of the requirements of any VMware alternative is to exit VMware without a server refresh. IT leaders are driving this requirement for three primary reasons:
- VMware’s latest versions force decommissioning server hardware long before it has outlived its applicable service.
- The quality and performance of server hardware built within the last five years suggest that it can reliably support workloads for up to ten years.
- Delaying or eliminating server refreshes is a great way to contend with flat budgets.
Why, then, does VMware require customers to upgrade to go through a server refresh so they can run the latest versions of their software? Why also do most VMware alternatives force you to buy prepackaged hardware bundles? The answers come down to efficiency and hardware dependency. Infrastructure software vendors with bloated code and strict server hardware requirements are forcing you into a lifetime of premature server refreshes.
Efficiency Eliminates Server Refreshes
Vendors force you into server refreshes to hide the inefficiencies in their code and the lack of foresight in design. Most infrastructure software is an assortment of different software applications, often from different vendors, that they attempt to “glue” together through a common management GUI.
VMware, for example, uses ESXi for the hypervisor, vSAN for the storage software, and NSX for the networking software. Each application has a different code base and overlapping code, which compounds VMware’s already significant virtualization tax.
As a result, there is a lot of redundant code and metadata in the infrastructure software and extra communication overhead to keep these separate applications in sync. The lack of integration between these applications creates significant overhead that impacts server performance and scalability.
Traditional Three-Tier Architectures don’t fare much better. Customers still face four to five-year refreshes for servers, plus they now add a separate refresh cycle for storage. There is also the unnecessarily high cost of a dedicated storage array.
Ransomware Makes It Worse
Our server also highlighted a significant concern about ransomware, and customers are constantly looking for solutions to give them an edge against the ever-evolving threat of having all of their data encrypted. In response, vendors constantly release patches to close down vulnerabilities in their code, releasing new software (for a fee) that keeps their older software safer. For example, VMware promotes NSX to help better protect ESXi. Instead of starting with secure infrastructure as a software core, they are bolting on potential fixes, which further impact performance and force customers into premature server refreshes.
According to our recent survey of almost 200 VMware customers, using existing hardware and improving ransomware protection were two of their top requirements for a VMware alternative. Join us for our live webinar tomorrow at 1:00 PM ET to learn the study results and see a live recovery from a ransomware attack. Register Now
Bundles Don’t Eliminate Server Refreshes
To hide continual software bloat, some vendors create predefined server bundles. These bundles use the latest processing power, which depends on specific CPU chip capabilities and fast NVMe flash drives to hide inefficiency, but they don’t eliminate server refreshes. They make server refreshes even more challenging. The customer still needs to refresh servers to provide enough power to compensate for the bloated software, but now they can only get that hardware from one or a tiny list of certified vendors. IT teams need to look no further than vSAN-Ready Nodes or Nutanix’s very restrictive hardware compatibility list as examples.
Turnkey HCI Makes it Worse
The turnkey bundle approach also makes a VMware Exit less appealing. Vendors that force the customer to buy new hardware as they are exiting VMware increase the costs of the exit dramatically. They also make installation more difficult because, at least for a while, the new hardware and the old must co-exist in the same data center.
VergeIO Eliminates Premature Server Refreshes
VergeIO unifies networking, virtualization, and storage software into a single software code base, eliminating the redundances common in other solutions. It also eliminates the extra and unnecessary lines of communication between the services, enabling a more scalable infrastructure.
Breath New Life Into Existing Servers
VergeOS does more than leverage existing hardware; its efficiency gives it a new lease on life. Our customers typically can increase overall virtual machine density and improve the performance of I/O intensive applications without resorting to an expensive dedicated storage array. Most VergeIO customers find they can delay or even eliminate the subsequent several server upgrades. When it does come time to add new servers to the infrastructure, add whatever brand and type of servers you’d like. VergeOS enables you to mix different server types within the same VergeOS instance.
Run Servers Until They Break
There is a common saying, “sweating the asset,” which means getting more than the typical four years from server and storage hardware. VergeOS enables customers to run the asset until it breaks permanently. Customers can do this because the entire infrastructure is redundant; VergeOS transitions VMs to surviving servers if a server fails. There is no extra charge for high availability (HA); VergeOS includes HA and all other features in every product edition. VergeIO has production customers running servers over six years old with no complaints about performance or fear of hardware failure. Those servers can co-exist with servers a few months old within the same instance. VergeOS eliminates server refreshes while maintaining availability.
Ransomware Resilient from Day One
Ransomware resiliency is not an afterthought with VergeOS. As we discuss in our paper, “Creating an Infrastructure-Wide Ransomware Resiliency Strategy,” it is built into the core of our Utraconverged Infrastructure (UCI) platform. Our multi-layered, infrastructure-wide ransomware protection strategy includes the following:
- Virtual Data Centers (VDC) that enable customers to shrink the attack surface
- IOclone, which provides frequent, immutable snapshots without impacting performance
- IOfortify, which provides rapid detection of a potential attack and a hardened operating environment that acts as firmware, eliminating the potential of platform-level exploits.
Conclusion – Skip The Server Refresh
Exiting VMware without undergoing a server refresh is crucial for organizations looking to maximize their IT infrastructure efficiency and cost-effectiveness. VMware’s insistence on frequent server hardware upgrades and the challenges posed by ransomware threats have left many IT leaders seeking alternatives. However, most alternatives require new hardware and enforce restrictive hardware compatibility lists.
VergeIO enables you to exit VMware using your existing hardware, extracting more life from it while not compromising features or data resiliency.
Is VMware Losing Customers with Broadcom Buy Imminent? Surveys Say Yes
- Written by Kelly Teal
- September 26, 2023
End users fear Broadcom will raise VMware prices. So, they’re looking to leave, say ShapeBlue and VergeIO.
Is VMware losing customers?
As the 25-year-old virtualization and cloud computing company anticipates new ownership by the end of next month, two new surveys indicate the answer is a resounding yes.
On Tuesday, cloud integrator ShapeBlue and data center software provider VergeIO released separate data citing end-user uncertainty around the imminent Broadcom–VMware combination.
Both companies’ customers fear VMware pricing will soar with Broadcom in charge, and they predict Broadcom will push VMware only to focus on large organizations.
Survey Reveals VMware Customers’ Top Concerns
Ann Arbor, Mich, September 26, 2023 — A recently conducted survey of hundreds of
VMware customers sheds light on growing concerns they have about the state of the
virtualization software and the company behind it – ranging from rising licensing costs,
ransomware vulnerabilities and a diminishing quality of support.
VergeIO, the Ultraconverged Infrastructure (UCI) company, spent two months surveying
and conducting in-person interviews with hundreds of existing VMware customers. The
results of the research have been released in a report entitled, “State of the VMware
Customer.”
Among the key issues found were:
Pricing Concerns – 84% of respondents indicated that they were concerned
about VMware’s current and future costs, with many highlighting “per-core”
renewal quotes and licensing agreements that require a commitment to year-
over-year spending increases as additional points of distress.
Ransomware Resiliency – With a rise in ransomware attacks exploiting specific
VMware vulnerabilities, 77% of customers worried about their data resiliency. A
number of those interviewed indicated that their VMware environments had
already suffered a ransomware attack, with recovery efforts taking more than 2
weeks despite having reasonable backup procedures in place.
Technical Support – 60% of customers expressed their concern with VMware’s
ability to provide high-quality technical support, with those interviewed stating the
difficulty in receiving support via phone calls. Others lamented slow response
times to emails during outages.
These survey results also come amidst rumors of VMware focusing on major enterprise
accounts with a shift towards a more expensive pricing model post the Broadcom
acquisition. Because of these concerns, more than 87% of respondents indicated that
they are currently researching alternative infrastructure platforms to VMware.
While rising prices were a top issue among VMware customers, a vast majority
indicated that they are unwilling to sacrifice capabilities in order to save money. Top
priorities of VMware replacement from those surveyed were seamless migration (76%),
ability to use existing hardware (72%) and the desire to do more with that existing
hardware (61%).
“Even before the Broadcom acquisition, customers have had concerns about VMware’s
pricing strategy and pace of development,” said George Crump, VergeIO CMO.
“VMware has built its offering through a series of technology acquisitions, resulting in a
solution that is bloated, complex and expensive. VergeIO takes a different approach.
VergeOS’ unified codebase streamlines the infrastructure, making it more scalable,
efficient, higher performing, less complex and easier to support – the very qualities that
respondents in the survey are looking for.”
Crump and VergeIO CEO Yan Ness will discuss the results of the report in an upcoming
webinar, “The State of the VMware Customer” which analyzes the results of the survey
and shows how VergeOS overcomes them. Registrants will receive a copy of the survey
in advance of the webinar. Register Here
About VergeOS:
VergeIO is the Ultraconverged Infrastructure (UCI) company. Unlike hyperconverged
infrastructure (HCI), it rotates the traditional IT stack (compute, storage, and networking)
into an integrated data center operating system, VergeOS. Its efficiency enables greater
workload density on the same hardware with high levels of data resiliency. The result is
dramatically lower costs and greatly simplified IT.
Media Contact:
Judy Smith, JPR Communications
818-522-9673
judys@jprcom.com
VMware Exit for Ransomware Resiliency
VMware is coming under ever-increasing scrutiny for its ransomware shortcomings, and now customers are considering a VMware exit for ransomware resiliency instead of just to reduce licensing costs. The heightened concerns come from increasingly sophisticated cyber threats, and recent VMware vulnerabilities have been part of the problem.
In conversations with numerous VMware users infected by a ransomware attack, they often recount tales of belated attack discoveries, followed by intensive recovery efforts that take weeks, if not months, to restore their systems entirely. VergeIO has identified key ransomware shortcomings in the VMware environment, and offers a viable means to address them effectively by exiting to VergeOS.
So, how can IT professionals break this cycle?
The Infrastructure-Wide Approach to Ransomware Resiliency
Ransomware resiliency revolves around more than backup software and hardware. If you have to count on backups to recover from a ransomware attack, you are in for a very long and painful process. Counting on a separate, third party backup process as VMware does, is why customers are considering a VMware exit for better ransomware resiliency, in addition to trying to reduce licensing costs.
A more comprehensive approach to ransomware resiliency is required, focusing on:
- Limiting Attack Surface: This means not all virtual machines (VMs) are exposed, creating barriers between them. The Virtual Data Center (VDC) technology by VergeOS mimics this concept, bundling VMs, storage, and network configurations within a group of applications, creating a “walled garden” to contain potential threats. By default, it is nearly impossible for a malware trigger file to move between VDCs.
- Prioritizing Frequent Data Protection: Regular backups won’t suffice. Ransomware can encrypt data faster than most backup schedules can accommodate. This ability to deliver rapid, frequent data protection is where VergeOS stands out with its IOclone-based snapshot technology. It ensures frequent, space-efficient, and impact-free data protection. VergeOS snapshots are independent copies rather than legacy snapshots that are a cascading tree of dependence. With VergeOS, customers can execute snapshots frequently with no disruption to performance.
- Immutable Data Storage: Traditional backups can still be compromised. VergeOS ensures that IOclone-based snapshots are immutable and safe from ransomware intrusions unless deliberately changed to read-write by an authenticated Administrator. Malware may launch within a single virtual data center, but it can’t spread beyond it, and it can’t infect immutable protected copies, which can easily be only a few minutes old.
- Timely Patch Application: VMware Administrators often need help to apply patching timely, potentially exposing vulnerabilities longer than organizations would like. VergeOS uses its VDC and snapshot technology to allow quick patch tests, ensuring smooth deployments without disruptions. IT Administrators can clone the entire VDC into a “Lab” VDC and test the patch impact against the entire data center without disruption to production.
- Swift Ransomware Detection: Recognizing a breach early is crucial. VergeOS’ IOfortify technology swiftly detects potential threats, often within minutes, allowing for prompt action and containment. The recovery effort increases in complexity exponentially with each minute the attack goes undetected.
- Efficient Attack Victim Identification: Once contained, it’s vital to pinpoint affected VMs. VergeOS’ telemetry information, coupled with IOfortify timestamps, accurately indicates compromised systems for quick recovery. It enables you to focus on the few infected VMs instead of needing to scan every VM in the environment.
- Zero-Data Movement Recovery: VergeOS enables a near-instant recovery process, allowing IT Administrators to restore operations promptly without lengthy data transfer processes. There is no data movement. Bring up the most recent snapshot, scan for a potential trigger file, remove it if present, and launch the clone into production. There is no data movement.
- Detailed Forensics: Instead of hastily erasing infected datasets, VergeOS enables you to quarantine and retain them, offering valuable insights into the attack mechanisms and aiding with future prevention strategies.
- Robust Operating Environment: VergeOS stands out with its hardened operating environment, ensuring that its core remains unexploited, and in case of any breach, a quick restoration is possible.
Our newest white paper, Creating an Infrastructure-Wide Ransomware Resiliency Strategy, will enable you to create a strategy to help you recover from an attack within minutes and with no data loss —Download Now. Justify a VMware exit for ransomware resiliency in addition to reducing licensing costs.
Rethinking Infrastructure Choices with VergeIO
VergeIO’s focus isn’t a mere reaction to the ransomware challenges IT faces; it’s a well-thought-out strategy integrated into the core code base from day one. It ensures a fortified operating environment. When seeking a VMware alternative, cost savings are essential but not exclusive. If, during the VMware Exit, you can improve your ransomware resiliency, it makes the decision both compelling and logical.
Converting your VMware environment is painless and risk-free. Schedule a technical whiteboard session; our experts will walk you through the process.
Read about how ransomware infiltrated MGM’s infrastructure on 9/15/2023 encrypting more than 100 ESXi servers.
Watch as we protect, detect, and recover a VM that is being attacked by ransomware.
Mitigating VMware Migration Risks
Many VMware customers are concerned about ever-increasing licensing costs, and are actively considering VMware alternatives. However, mitigating VMware migration risks is an even more significant concern. There are four steps that IT planners can take to ensure a seamless and risk-free migration to a new infrastructure platform:
- Upfront Assessment
- Virtual Proof of Concept
- On-Premises Evaluation
- Gradual Cut Over
Upfront Assessment of a VMware Alternative
Before diving deep into any IT project, you want to ensure the result will be significantly better than the current state. When considering a VMware alternative, reducing and simplifying licensing costs is one of the obvious areas to examine. Beyond licensing costs, IT should also evaluate long-term cost savings potential like:
- Simplifying day-to-day operations like patching.
- Extending the life of existing hardware and using it more efficiently.
- Eliminating the need for a dedicated storage array.
Additionally, moving to an alternative platform should deliver more than cost savings. IT planners should consider the move to a new platform as an opportunity to improve capabilities like:
- Improving data protection capabilities by moving beyond snapshots.
- Improving ransomware resiliency and detection with a hardened infrastructure platform.
Finally, before moving to the next step, you should talk to some existing customers and see what they have to say about the potential alternative. Get their feedback on how easy the product is to use, how well it’s supported, and learn about their day-to-day experiences. Current customers can prove vendor claims.
Virtual Proof of Concept of a VMware Alternative
Once IT completes its initial assessment, most vendors try to rush to a proof of concept (POC). POCs are the cornerstone of mitigating VMware migration risks, but the problem is that a POC requires IT to find some hardware or make space for the vendor’s hardware. It also means that IT must find the time to go through the testing process and have a strategy for performing that test.
An alternative is a virtual proof of concept, where the vendor creates a virtual environment for you to test drive their solution. However, this virtual environment must give you full reign to perform whatever type of testing you want. You should be able to do more than “just drive the GUI.” You should be able to load up your virtual machines (VMs), test data protection capabilities, and start to think through on-premises test plans.
Your virtual instance should be 100% isolated from any other virtual POCs. Otherwise, you can’t deploy your applications and data without the risk of another organization gaining access to them. If the vendor can only deliver that isolation by dedicating specific hardware for the test, they will likely have to limit the time you can test. If the vendor can deliver that isolation, then they should be able to provide a very flexible testing timeframe.
On-Premises Evaluation of a VMware Alternative
If the potential VMware alternative still interests you after completing the virtual proof of concept, it is then time to move to an on-premises evaluation of the solution. Most vendors are happy to provide an on-premises evaluation. Still, the IT planner must pay attention to the vendor’s behavior as you move through this process.
There are red flags that will appear, even before you start testing. These red flags should give you some insight into how well the solution is going to perform for you in the coming years:
🚩 Does the vendor require a multi-hour meeting to ensure all the technical requirements are met?
🚩 Does the vendor insist on providing you with hardware even though they say they are "software-only"?
🚩 Does the vendor want to come on-site to install the evaluation?
🚩 Does the vendor push you to do a "try-and-buy" where you commit to buying the solution if critical requirements are met?
🚩 Does the vendor insist you use the local technical resource for any technical questions that might arise?
An on-premises evaluation should be a strings-free relationship. You should be able to use existing hardware. It should only require a quick call, not a three-hour workshop, to ensure the hardware you plan to use is optimal for your testing. If the vendor claims to be software-only, then as long as you can provide hardware that meets their minimum requirements, you should be given the green light for your evaluation.
Usually, having a vendor come on-site to install an evaluation, or worse, providing you with a “turnkey” hardware package for the evaluation is a sign that the vendor is trying to hide how complex their solution is to get running. If it is hard to install, it will be hard to operate.
You are testing something new, and you will run into technical questions. You should go through regular technical support channels to get those questions answered. This process lets you see what kind of support you will get years after installation.
Gradual Cut-Over to the New Platform
Once you’ve completed the evaluation, you should map out a migration strategy before you commit to purchase. Mitigating VMware migration risks requires that the cut-over to the new platform is gradual. In most cases, you won’t flip a switch and, in a single pass, move all your VMs to the new platform. You typically migrate in “lumps,” one workload at a time. This more gradual process means the migration capabilities, if there are any, should be continuous. The new platform’s migration capabilities need to keep VMs from the VMware environment in sync so that the most recent copy of data is on the new platform when IT is ready to convert the next workload.
A near-continuous sync of VMware VMs to the new platform also means that it can provide enterprise-wide value from day one while you are gradually migrating to it. Suppose the migration function is near-continuous and intelligent enough only to move changed data blocks. In that case, it can act as a disaster recovery solution (DR) for the entire VMware environment. The result is from day one; it can save you money while you migrate at your pace. Without it, you are under too much pressure to show value from the new purchase quickly, making you more likely to rush VM migrations.
If the new platform achieves the efficiency mentioned in the initial assessment, IT should be able to carve off two or three physical servers to act as the initial foundation. Those initial servers should be able to receive all the migrated VMs and the continuous updates to them. Then, as you move VMs into production on the new platform, resources will free up in the VMware environment, enabling you to add a few more servers to the new platform.
A De-Risked VMware Migration
Selecting a vendor that is patient enough to walk through the above process de-risks the migration away from VMware. Each of these steps is essentially a checkpoint in the process, and you don’t move to the next step until you are confident in the results of the prior step.
Using existing hardware and providing value while you migrate are critical. If, during the evaluation process, you discover something you don’t like about the solution, you are not saddled with a bunch of hardware that you must de-install and return. And the ability to add value while you gradually migrate, in our example acting as a DR solution, puts less pressure on you to migrate too quickly.
The VergeIO Team is happy to guide you through this process, which is why we have such high customer satisfaction. The first step is to perform the upfront assessment—schedule yours now with one of our technical experts.
The Cost of the VMware Tax
IT has to factor the cost of the VMware Tax into its infrastructure planning. Where does this tax come from? It is the extra expense in hardware needed, to compensate for the overhead of VMware’s inefficient virtualization code. Adding additional components like vSAN for storage, or NSX for networking only makes the tax more severe. These components will adversely impact applications and users if IT doesn’t work around the overhead. These workarounds cost money, increase complexity and create a more brittle infrastructure that struggles to adapt to the organization’s future needs.
There are three primary effects of the VMware Tax:
- A lower-than-possible VM Density.
- The continued need for stand-alone bare-metal workloads.
- A proliferation of the three-tier architecture.
To compensate, organizations are forced to:
- Buy more or more powerful physical servers than what should be necessary.
- Buy high-performance dedicated all-flash arrays.
- Face a never-ending future of premature server and storage refreshes.
The Cost of the VMware Tax is one of the hidden costs of VMware. Learn about the rest of them in our on-demand webinar, “The 4 Hidden Costs of VMware.”
The Cost of VMware Tax on Server Planning
The first cost of the VMware Tax is that meeting the organization’s demands requires using either fewer virtual machines (VMs) per server and more physical servers or more powerful physical servers to support more VMs per server. As we discuss in our article, “HCI isn’t Infrastructure,” using more servers highlights the scaling issues common in Hyperconverged Infrastructure (HCI) and leads most customers to purchase more powerful servers to reduce cluster node count.
Using more powerful servers with more CPUs, cores, and RAM increases those servers’ costs. This approach also increases VMware licensing costs since the company charges by the physical CPU installed in its nodes, and the expectation is that after the Broadcom acquisition is complete, the company will switch to a per-core licensing strategy and is expected to raise costs even further.
Overcoming the VMware Tax with Powerful Servers
Overcoming the cost of the VMware Tax by using more powerful servers exposes the lack of flexibility when scaling, the typical VMware architecture has. More powerful servers will likely be used longer before organizational growth requires IT to add another server to the cluster. When it comes time to add additional servers to the cluster, two or three years later, that exact server type may no longer be available, or a better option may be available using a different CPU vendor. Managing nodes of different types within a VMware environment is convoluted, leading many customers to establish an entirely separate cluster, further increasing costs and complexity.
There is also the challenge of, after three or four years, the hypervisor or storage vendor may upgrade its software to the point that it no longer supports the original servers. At that point, IT is faced with refreshing its entire server infrastructure to maintain compatibility with the updated software.
The Cost of the VMware Tax on Scale
Hyperconverged Infrastructure (HCI) solutions expect a “balanced scale,” where the organization adds equal amounts of computing, storage, and networking. This requirement exposes another cost of the VMware Tax. No organization always needs to scale these three components at the same time. Especially when purchasing more powerful servers, the organization will likely need more storage performance or capacity before requiring additional computing resources.
Again, legacy HCI designs like those from VMware (vSAN, vSphere, NSX) or Nutanix expect almost identical nodes to be added to the cluster. To meet capacity demand, customers are adding servers similar to their original installation, and they end up paying for and wasting a massive amount of CPU and memory that come with those servers. Although a few vendors have evolved to allow more storage-centric nodes, these are complex band-aids with many compromises and increasing complexity. Most customers choose not to use them.
The enforcement of balanced scaling forces most customers considering HCI solutions to disqualify them later. As a result, the VMware Tax indirectly proliferates the more complex and expensive three-tier architecture.
VergeOS Enables High VM Density and Imbalanced Scale
VergeOS is a highly efficient data center operating system (DCOS) that enables high per-physical server VM populations. It does this by integrating the three standard data center tiers (networking, computing, and storage) into a single code base that is a fraction of the size in terms of lines of code without sacrificing features. This effort is the foundation of Ultraconverged Infrastructure (UCI) which moves beyond the flawed HCI model to deliver the full promise of a truly converged infrastructure.
A more compact code base means faster execution on the same hardware. Integrating the traditional data center tiers means that efficiency carries throughout the entire solution. Our typical customer can support 25 to 30% more VMs per physical server with VergeOS than their prior solution (Hyper-V, VMware, Nutanix) while running on the very same, existing hardware.
As the organization’s demands grow, VergeOS provides flexible and intelligent scaling. An optimized internal-node communication protocol ensures near-linear performance increments as IT adds nodes to the environment. VergeOS’ flexibility means that IT can add nodes of almost any type, including storage or compute-centric nodes. VergeIO has never forced the retirement of old servers to support a new version of VergeOS.
VMware Tax Encourages Bare Metal
Despite all the advantages and flexibility of virtualization, the cost of the VMware Tax means that many customers still view some applications as bare-metal only. The performance demands of these servers are just too strenuous for the virtual environment. They either starve other VMs on the same node of resources or can’t continually guarantee access to the performance these applications demand. They also tend to be certain hardware types, like GPUs, that specific applications need, which legacy solutions don’t adequately virtualize.
The result is IT must purchase and stand up dedicated silos of computing and storage for these applications, which increases costs and complexity. Additionally, these bare-metal environments don’t benefit from core virtualization capabilities like seamless VM migration.
VergeOS Delivers Near Bare Metal Performance
VergeOS’ compute efficiency also helps formerly bare-metal-only workloads to be able to realize the benefits of virtualization. Historically, many bare-metal workloads remained bare-metal because of the storage I/O demands. VergeOS integration of storage, coupled with the performance of its file system, delivers near-bare-metal performance for these workloads. The VergeOS storage component, VergeFS, ensures all reads are local to the virtual machine. Finally, VergeOS supports nodes of various CPU classes within the same instance. Our customers can and do mix Intel, AMD, and GPU-based nodes, even of different generations. They repeatedly tell us that they were able to virtualize formerly bare-metal workloads without any degradation of performance.
Conclusion
With its inefficiencies and subsequent costs, the VMware Tax represents a significant concern for IT infrastructure planning. Its impact on VM density and the push toward bare-metal workloads signifies the increased expenses and complexities organizations face. As the technology landscape continues evolving, solutions like VergeOS emerge as viable alternatives, offering enhanced VM densities and near bare-metal performance.
By merging the conventional data center tiers and focusing on efficient operation, VergeOS addresses the challenges posed by VMware’s model and presents a forward-thinking solution that adapts to an organization’s dynamic needs. As organizations strive for agility, cost-effectiveness, and scalability, transitioning to platforms prioritizing these attributes will be paramount. VergeOS makes that transition seamless thanks to our IOmigrate capability.