Conclusion

The ability to deliver infrastructure services to multiple external consumers is a core component of a service provider’s business. VMware provides many opportunities for service providers to deliver secure dedicated services to multiple tenants, whether the architectural model is based on a dedicated vCenter Server platform, a shared vCenter Server platform, or a vCloud Director platform. By providing multiple trusted multitenancy options, service providers can address the key concerns of tenants in a multitenant environment: confidentiality, security, compliance, service levels, availability, data protection, and management control.

VMware uses a layered approach, with security controls, isolation mechanisms, and monitoring controls embedded in the network, compute, and storage layers of the infrastructure. This layered approach provides secure access to the cloud resources, guaranteeing resources to tenants, and providing abstraction of the physical elements away from the tenants through the software-defined data center, which allows the infrastructure to provide logical isolation without dedicating physical resources to each tenant.

Effective, efficient coordination and management of the vCenter Server platform and other VMware components and processes across the infrastructure are critical to delivering IaaS and the confidentiality and security of tenant data, which is a fundamental requirement of a multitenant environment. Again, the following six foundational elements form the basis of any VMware Cloud Provider Program secure multitenant model:

• Secure Separation – Provides that the resources of existing tenants remain untouched and uncompromised when new tenants are provisioned. vCenter Server, ESXi, and NSX provide secure separation methods at every layer of the shared converged infrastructure to safeguard the security and privacy of each tenant.

• Service Assurance – Provides tenants with consistent and reliable service levels that accommodate their growth and changing business needs. Various methods are available from VMware to deliver consistent service level agreements (SLAs) and optimize quality of service across the network, compute, and storage components of the platform.

• Security and Compliance – Maintains the confidentiality, integrity, and availability of each tenant’s environment. The VMware software-defined data center provides security at every layer of the shared infrastructure using technologies such as identity management and access control, encryption and key management, firewalls, malware protection, and intrusion prevention.

• Availability and Data Protection – Provides that resources such as network bandwidth, memory, CPU, or data storage are always online and available to tenants when needed. The VMware software-defined data center provides a secured environment by using threat detection and mitigation, including the monitoring and response to intrusions and attacks against the environment and its tenants.

• Tenant Management and Control – Allows tenants to change the environment to suit their workloads as resource requirements change.

• Service Management and Control – Simplifies management of resources at every level of the infrastructure, and provides the functionality to provision, monitor, troubleshoot, and charge for the resources used by tenants. The VMware software-defined data center platform helps address these challenges by providing scalable, integrated management solutions inherent to the infrastructure and a rich, fully developed API stack for adding additional service provider value.

VMware Cloud Providers are extensively involved in designing, testing, and validating the VMware software-defined data center with innovative technologies, platforms, and solutions at the network, compute, storage, layers. VMware Cloud Providers can use these tested solutions to deploy secure and trusted public and private clouds. By using these solutions as a reference guide, they can create a trusted infrastructure that is secure, flexible, highly functional, and interoperable to generate revenue by providing value-added services.