VMware customers—and more specifically customers of VMware’s vRealize Automation (vRA) and vRealize Orchestration (vRO)—are currently living through a trifecta of disconcerting realities that have many of them rightfully worried. There’s a perfect storm brewing, and in the cloud that’s never good.
Understanding The Trifecta
So, what exactly are the three main issues causing growing consternation and gnashing of teeth? Well, the one gaining the most media attention right now is Broadcom’s announcement of its desire to purchase VMware for $61 Billion. Seasoned IT veterans will remember from the CA (Computer Associates) and Symantec acquisitions that Broadcom has a track record of buying a customer base and then milking the cash cow for as long as possible. Note the first sentence in this article from The Register: “VMware customers have seen companies acquired by Broadcom Software emerge with lower profiles, slower innovation, and higher prices – a combination that makes them nervous about the virtualization giant’s future.” And that’s what happens if you’re one of the largest (read: most important) customers. If you’re not a top 500 customer then your prospects could be even bleaker as forced attrition may be in your future using history as our guide.
While I don’t advocate chasing ambulances or reveling in the misfortunes of others, I’d be remiss if I didn’t at least acknowledge the second issue at hand—VMware’s security is in question as a result of the Cybersecurity and Infrastructure Security Agency (CISA) finding four vulnerabilities among various VMware commercial products. Two of the four vulnerabilities were actively being exploited by cyber-attackers, affecting the following VMware products:
- vRealize Automation (vRA)
- vRealize Suite Lifecycle Manager (vRSLCM)
- Cloud Foundation
- Workspace ONE Access
- Identity Manager (vIDM)
The third and final issue in this perfect storm is actually specific to vRA/vRO customers and is a self-inflicted wound: VMware is ending support for vRealize Automation 7.6 and earlier (vRA) and vRealize Orchestrator 7.6 and earlier (vRO), forcing customers into making a painful choice—stay with vRealize and painstakingly re-write all of their integrations, automations, and processes over again in the newer version or seek alternatives (Terraform, Native Tools, VMware competitors) to replace vRA/vRO altogether.
What steps can be taken now?
Who knows what the future brings, but hedging your bets and protecting yourself a bit can pay dividends later. Seems obvious, but you want to minimize your reliance on any one solution, particularly the ones identified above. Broadcom is obviously not going to tank the entire VMware business and honestly, they’re incentivized to make it thrive, but history tells us to proceed with caution. Just revisit recent Broadcom acquisitions—CA Technologies (acquired in 2018) and Symantec (in 2019)—and examine who exactly benefited.
Put New VMware Purchases On-Hold
If you were planning any new VMware purchases, taking a more cautious approach may be prudent. It never hurts to wait and see how things “shake out” post-acquisition. If you must have something now, don’t bite on a typical 3-year commitment. Keep an escape plan with as little financial and technical risk as possible. Similarly, I would suspend any VMware professional service engagements that are not critical. Maintain your optionality.
Redundancy & Overlapping Capabilities
How many different versions of Terraform, Ansible, or other projects are running independently in your environment today? Most organizations have some sort of cloud management tooling, be it native or commercial, and most have some sort of cost tracking approach, either manual or commercial. How many tools are needed and can you consolidate to cover if VMware tools are no longer in the mix? What is the lift (cost & effort) to make that happen? Start planning now. Have a “Plan B” just in case.
Search for Alternatives
Know what new technologies are available. How is the market talking about solving for your specific challenges now vs 2 years ago? What vendors and solutions are popular now for your use case(s)? Why are they popular? Do you prefer a managed-service or DYI approach? If you had to switch tomorrow… You catch my drift. Be prepared!
You’ve heard the phrase, ”all good things must come to an end.” I have no idea if VMware’s time has come or is only beginning to take off for new heights. But the past tells a cautionary tale and recent findings don’t help the situation. The advice I give is simply this—have a backup plan. As with anything else in life or business, plan for contingencies or plan to fail.