VMware reorganized its recently formed Networking and Advanced Security business group following the departure of its ex-SVP Tom Gillis. The group has been split and returned to two separate units. That is, the Carbon Black and NSX businesses now operate independently.

The vendor combined the Carbon Black business and the networking and security business group to form the Networking and Advanced Security business group (NASBG) under Gillis. The integration of NSX and Carbon Black services can provide a network-level analysis that monitors the anomalous pattern across transitions, servers, and networks, Gillis told SDxCentral in an earlier interview.

The turning point is Gillis’ departure last December. “With Tom departing, in some ways, you could argue NASBG as an entity kind of ceased and went back to having two business units with the Carbon Black group and the NSX group. And that's really where we stand now,” Jason Rolleston said.

Rolleston was interim GM of VMware's security business unit including Carbon Black last August and became VP and full-time GM in December. Carbon Black was an endpoint and server protection publicly traded security company that VMware acquired in 2019 in a deal valued at over $2 billion.

Rolleston said VMware noticed the changes in selling approaches over the last few months. “Our selling motion to security is so very different than the core selling motion to an IT buyer for vSphere and some of the core VM [virtual machine] tools that exist, and we really need some flexibility to operate a bit differently as a pure security motion.”

“There are a lot of ways in which our businesses are wildly different — NSX sells a lot with vSphere, and we sell a lot in a more direct fashion to security buyers,” Rolleston told SDxCentral.

After the reorganization, Umesh Mahajan now heads the networking and security business unit, which includes the NSX businesses. Rolleston and Mehajan directly report to the CEO.

NSX is VMware’s software-defined networking (SDN) service in the virtualization layer. The company acquired SDN startup Nicira in 2012 and re-named it NSX for vSphere or NSX-V. IDC research VP Brad Casemore said in an earlier interview that the integration of Carbon Black and NSX “provides a more comprehensive security story.”

However, Rolleston argues the separation won't affect VMware's visibility and security capabilities in the network. The vendor has ensured that its endpoint has embedded technology from NSX advanced threat protection (ATP), which enables complete visibility of network activities from every endpoint detection and response (EDR) agent deployed in the world. While NSX may offer a deeper level of visibility, Carbon Black has no dependency on it.

“It means that every EDR agent we have out there in the world ... has visibility into the network and the network activity that's happening from that system to any other system in the world,” he said. “Anything that has the Carbon Black EDR sensor with XDR  [extended detection and response] enabled, vSphere or not, we're able to see this network data and that's how we're able to put together a complete view of the entire state.”

“NSX has a deeper level of visibility in the network than we do. I think there will be a time where we'll have an integration into those NSX-based environments as an additional value, but it's not a dependency,” Rolleston added.

VMware’s ongoing acquisition process by Broadcom for approximately $61 billion in cash and stock has raised concerns while facing some hurdles. Analysts have been sour on the proposed deal, with many concerned Broadcom’s traditional heavy hand post-acquisitions could stymie VMware’s innovation.

Meanwhile, VMware has lost several high-profile executives in light of the pending deal, including Tom Gallis who returned to Cisco and became the SVP and GM of its Security Business Group.

Rolleston noted VMware's security team has been staying focused on what the team can control and execute during times of uncertainty. “The teams really stayed on and executed really well and brought something to the market that's truly unique that we're getting the kind of feedback we are that we think is going to power our growth for years to come. So we're kind of not bothered by it, and all the guidance we're getting from all parties is to keep doing what we're doing, push hard, innovate, continue to be the player we are in security, and our future will be bright.”

“XDR is a great example,” he added. The vendor introduced Carbon Black XDR last year, which is built on its endpoint detection and response (EDR) and Contexa threat intelligence capabilities. The security business unit has been working on this product for the last 15 months and it is now generally available.

Rolleston explained that XDR can be a confusing topic, but “best XDR is actually just a better EDR.”

“What we are doing is that the endpoint and network it's really combining and combining it natively at the sensor level,” he added.

VMware is focusing on the endpoint and network security, controlling the data points, and strategically expanding to complete the solution for use cases. Rolleston argues that XDR is a label, but technically it's just more visibility.

Like the team, Rolleston hopes customers also put the noises from the deal aside.

“Broadcom certainly has the reputation. But look, we're working through it and continue to push forward and we wait to communicate to them the best way we can,” he said. “Stop paying attention to what you hear or what might be or trying to project it out. Stay with us, stay engaged with us, and if you see us executing and bringing innovation to market and continue to push forward. That's the thing that should matter the most to you, and that's what we're trying to do.”