It's been little more than a year since former Microsoft executive Paul Maritz replaced Diane Greene as the President and CEO of VMware, but Maritz has moved quickly to shake things up at the company. He bolstered VMware's formerly anemic partner efforts and streamlined its management structure. A steady procession of former Microsoft colleagues have joined Maritz at VMware, including Mark Lucovsky (who was part of the original Windows NT engineering team), COO Tod Nielsen (former vice president of Microsoft’s platform group), and EVP and Chief Development Officer Richard McAniff (former VP of Microsoft Office). Maritz also helped formulate a more coherent vision for the company that leverages VMware's strength in virtualization to create a commanding beachhead in the burgeoning cloud computing space.

Yet as successful as VMware has been over the last decade, it now faces more competitive pressure than ever. Microsoft continues to improve its virtualization offerings, with Windows Server 2008 R2 now offering a long-awaited Live Migration feature comparable to VMware's impressive vMotion technology. Oracle has acquired virtualization platform providers Virtual Iron and Sun Microsystems, and Citrix continues to improve its XenServer, XenApp, and XenDesktop products.

I interviewed Paul last year at VMworld 2008 and asked him how he planned to keep VMware one step ahead of Microsoft. Here's what he had to say:

 

"When you're competing with Microsoft, you have to do two things. One is you've got to shift your taillights somewhere they're not comfortable going. And then secondly, make no mistakes, and that's what we're trying to do."

To get an update on how VMware plans to keep the competition at bay, I recently sat down with Paul at the VMware campus in Palo Alto, CA, to get his thoughts about competing with Microsoft, the launch of vSphere 4.0, and what the future holds for virtualization in the enterprise.

Jeff James: How does the launch of vSphere 4.0 fit into the larger strategic vision of where you want to take VMware in the next few years?

Paul Maritz: Customers have this dilemma in that they want to get a fundamentally simpler, more efficient way of running IT. I've quoted some statistics that indicate 75 percent of some IT budgets goes to keeping the lights on, keeping the water flowing, and the rest of it. People are noticing that that's unsustainable in the long term, that increasingly boards of directors are asking harder and harder questions about that. Some of them open their papers on the airplane and read about all the cloud magic that is happening and they're coming back to their IT organizations and saying "Why are we stuck in the Dark Ages here? Why don't we just jump into the cloud and fire all you guys?"

Jeff James: There's a Dilbert comic strip that says the same thing: Dilbert's manager reads about virtualization, and then asks why the IT staff is taking so long to implement the technology.

Paul Maritz: Exactly, but now it's the cloud.

It's indicative of a real challenge here because existing IT cannot just jump into the cloud. They have existing applications that are never going to get rewritten; they have real security concerns, so the challenge for the whole industry is how do we provide cloud-like capabilities into the existing data in a digestible, evolutionary way? We think that virtualization, broadly defined, is the key to doing that. And I mean that, whether it comes from us or someone else. There is no other strategy that is going to cut through these tentacles of complexity and allow people to get out of the trap they are in right now and reach forward to a simpler, more efficient environment.

And to do that, you have to take a much broader view of what virtualization is. It has to become, essentially, this layer of software that truly hides all the complexity in the resource layers, whether those be hardware or software resources, and frees the application of having to know too much or being dependent upon anything else down there. So, why we chose to draw a line with vSphere, and say this is really a generation change going forward, is that it's not only doing more and better of what virtualization did in the past, in terms of scalability and performance, et cetera, but it really is about enabling a whole new set of functions to become virtual as well. And to really get this vision of the internal cloud to come about, anything that is tied to a physical device today has to be freed from that device. So whether it be a firewall, a router, a data scanning engine, or whatever—all those things that today are physical boxes have to transform into things that can essentially be attached to these applications and move around with the applications.

In that sense, this layer of what traditionally we'd call virtual infrastructure has become an operating system for the data center, or if you want to be more sexy, for the cloud. And really that is the vision that we can take our customers on: Here is a nondisruptive way of taking your existing applications and starting to get control of the complexity and get to fundamentally higher levels of efficiency, simplicity, and manageability.

As we hide a lot of the complexity, it also opens up the opportunity for people to essentially provision their infrastructure in different ways. Instead of buying it and running it themselves, they can rent it in the future. So part of this is working with the service provider community sites—the ultimate freedom is that not only will the way that you look at and run your applications be simply more efficient, but you'll actually have the opportunity to partially, or even completely down the road (but more likely partially), get out of the data center business.

Jeff James: How would you compare your approach to virtualization and cloud computing to what Microsoft has articulated as its strategy?

Paul Maritz: Well, we, more so than Microsoft, have worked very hard \\[to get to the point where\\] anything you put into this container we call a virtual machine can get full benefits, and you don't have to do any rewriting of the code. And that's harder to do—you have to really work hard at it—but that's the essence of who we are.

Jeff James: Several VMware executives have told me that VMware's long-term goal is to make accessing and using IT resources much more dynamic and fluid, possibly up to the point where allocating new IT resources could be as easy as plugging in a laptop: You don't know (or care) how the electricity is generated, but you know it's very easy to access. How far do you think we are from that?

Paul Maritz: To make something to be completely automatic—that is a nirvana that we are reaching toward. We think that we can take big steps along that road. We can take over, to a large extent, the job of managing the storage underneath. We've already taken over the job of managing the CPUs and memories. And part of the vSphere generation is a new set of management tools that let you manage at the application level, so we can do a lot of things automatically at that level. We think we'll take a big step down that road in 2009.

Jeff James: Our readers have a lot of concerns about cloud computing. How will you address things such as security, identity management, and data protection, regardless of whether it's an external cloud or an internal cloud?

Paul Maritz: Well, the internal cloud is a lot easier to address because we provide a lot of the tools that you need to ensure security; as Steve \\[VMware CTO Steven Herrod\\] has been saying, we have the ability to essentially create secure zones in all those areas. So even though we're moving things around dynamically in order to take best advantage of the available hardware, we make sure that the security policies you've set up are glued to the application and travel with it. That's an example of how things are physically done today—you do a lot of security by putting firewalls around the edges. But when the applications are moving around, what do you do? Do you send a guy out to pick the firewall up and run over and put it down somewhere else?

What happens now is that firewall, figuratively speaking, travels with the application, and gets bound in a very real sense with the application itself. So, you can argue that the internal cloud will actually be more secure than the existing data center because it won't be as dependent on human beings to have to remember how to patch things up. We think we can make with a straight face the claim that the internal cloud will actually be a more secure and compliant environment. One of the things we're doing through the VMsafe APIs is working with the security and compliance community so they can build a whole range of these policy engines, if you like, that can look for different kinds of security. So you can do mobile firewall kinds of things, but it's the perfect place to do things like intrusion detection or data-loss prevention.

If you want to say to us, every time a packet flows between application B and application A, you want it scanned for nefarious intent, we can work with people who specialize in that to make it happen.

So, the internal cloud I think is a good story. The external cloud is obviously a more challenging story because, number one, a lot of things are subject to regulation. You can't just put data wherever you want to—those regulations, for better or for worse, are written in physical terms. I sign a piece of paper every quarter \\[for compliance with\\] Sarbanes-Oxley that says we have a policy about who can get access to our data center and who can't, and it's all based upon who has a card key to get where. Obviously, that becomes a different issue when you start putting things in someone else's data center.

So, there's going to need to be some maturation in the industry here. But on the other hand, there's a lot of very sensitive information that is already outsourced. Every company in the Western world, basically, outsources their payroll. The payroll guys hold my Social Security Number, all sorts of really sensitive things, but we all trust ADP to do that. That's because it's been built up for a period of 30 or 40 years now, and ADP has put the right checks and balances and safeguards in place.

And I think the same set of things will evolve here—people will become more sophisticated in their choices for who their service provider or cloud partner will be, and they'll be able to differentiate between people like ADP, who have earned the right to hold the Social Security Number of every single one of your employees, versus Joe's rent-a-box down the corner.

Jeff James: When we met last year at VMworld, I asked you specifically about how you'll compete with Microsoft. One of the things you said was that one of the ways to stay ahead of Microsoft is to keep moving your taillights and keep one step ahead of them while still being very respectful of what Microsoft is capable of. Since that time, VMware has hired quite a few executives from Microsoft. Maybe you could talk a little more about your philosophy on how you're going to continue competing with Microsoft?

Paul Maritz: Well, that's two parts. One is, we actually only hired two or three—three if you count myself. Both Tod and I were out of Microsoft for quite a period of time. Tod and I both quit in 2000, so there was a good eight or nine year period during which we've had several lives in between, so we don't really count, I think. Richard clearly did come recently from Microsoft, although he had left Microsoft before he decided to come to VMware. And they are very experienced managers who have operated in systems software environments, understand a lot of both the challenges we face in the industry, as well as the type of people we have because plenty of our employees are the same type of people as you find at Microsoft or wherever. So, they understand the tribes, so to speak, and even more importantly they look like members of the tribes. \\[Editors note: VMware hired former Microsoft executive Mark Lucovsky after this interview took place.\\]

Jeff James: Always a benefit.

Paul Maritz: The second part of the question, competing with Microsoft, is basically the same issue. We have got to do a better job at what we do, which is being able to aggregate and scale and do virtualization better than they do. And secondly, we have to lead, so this whole notion of how do you virtualize not just the CPU and the memory but all of the infrastructure in the data center is something we've been working on for a couple of years now and they haven't even gotten to that point now.

Jeff James: And all of the stuff you're working on with your partners . . .

Paul Maritz: Right, reflects that. So, that's the point of staying ahead of them. And then thirdly, you have to do things that they are going to be reluctant to do. They are going to be reluctant to provide really great support for alternative programming frameworks, whereas we intend to embrace all the new programming frameworks that come out.

Jeff James: One of the things I noticed in the product rollout for vSphere 4.0 is the number of editions of the product you’re providing. Some of them are targeted at the small-to-medium business (SMB) market. Is the introduction of these versions driven by Microsoft entering the market with Hyper-V, or are you responding to the lackluster economic conditions, or is it a combination of factors?

Paul Maritz: It's really a combination of realizing that while there's a high degree of overlap between the needs of the enterprise and the SMB, actually, in a weird way, it's some of the more advanced features that the SMB guys need. But you need to be able to package it and make it in a more complete form for the SMB because they don't have internal staff—they want to just take something and have it work.

So part of it is realizing, while there's a lot of commonality, we have to address the specific needs of the SMB market, which is both a need for greater completeness and a lower price in some cases. We've tried to find that sweet spot that we think will make it easier for our channel partners to reach their customers and do business with them.

And the other thing that I've done in that space is, as you know, since July of last year we've been giving away ESXi. We've had about 9,000 downloads a week of ESXi. A lot of those are people kicking the tires or downloading because they have nothing better to do, but some of those do get deployed and anchored, and even if it's 10 percent, it's still a substantial amount. So one of the packages we have is targeted at providing an upgrade path specifically for those customers.

Jeff James: What would you say to an IT professional or CIO who's evaluating vSphere to convince them to go with vSphere rather than a competitive solution?

Paul Maritz: I think there are two major reasons. One is we can run your aggregate infrastructure more efficiently, whether it be CPU utilization, storage, or power. \\[We've seen statistics that show that\\] in certain situations—just by upgrading from VI 3.5 to vSphere 4.0—you can save $2 million in terms of lower power utilization, better storage utilization, et cetera. So, number one, it's greater scale and efficiency, and one of the sub points under that is we can handle any load of knobs. So now, with a straight face, we can say to people, "You should virtualize 100 percent of your x86 environment." The second major reason is it's simpler in high-level management.

Jeff James: That's been a big issue with our readers. We've heard from a lot of readers that managing VMs is difficult.

Paul Maritz: We've done a lot of work to address all those concerns: VM sprawl, VM lifecycle, all of that kind of stuff. You're going to see a lot of management suites come out from us, due in the remainder probably of this year, that target the principle scenarios that people have. One of them is managing the VM lifecycle, how do you prevent VM sprawl, we have things in there where VMs will have predetermined lifespans so unless you do something to them, they blow up.

Jeff James: Like Maxwell Smart.

Paul Maritz: Right, exactly. They'll go away after three months so you don't have zombie VMs running around.

\\[We've heard from customers that they'd like improved management for\\] disaster recovery, test and development, and the application-level management. So we're targeting these high-level scenarios with virtual machine, test and development, disaster recovery, and application management solutions, trying to get people up and away from the plumbing.

Jeff James: Microsoft seems to be really good at the care and feeding of its partner ecosystem. It looks like, especially since you've come on board, that VMware has also been really aggressive about building out its partner network. How important are your partner relationships in your strategy for the long-term success of the company?

Paul Maritz: It's absolutely critical from two perspectives. One is we're trying to build a platform, so we have to have a bunch of technology partners, and we're trying to do a better job of working with that collection of people. So one of the things we've done inside our R&D group is to have an organization under a single senior manager who is targeted at how we technically work with people, and trying to make sure we do a better job of getting them information, helping them run certification systems, et cetera.

And one of the big assets we have right now is that there are only three hardware certification environments that really matter. There's Microsoft, Red Hat, and ourselves. If you're a hardware vendor today, basically those are the three environments that you need to certify against. And it's no mean achievement to get one of those, and we have gotten ourselves to the point that we are one of the three entities that anyone who wants to sell infrastructure in the x86 environment has to participate in, and we're trying to grow that and extend it.

The other, I mentioned, partners is obviously our channel and good market partners, which are equally important to us. We're trying to work to extend those to not only do a better job of reaching to and rewarding those channel partners who have been particularly productive for us—make it worth their while to sell our products. Part of it is lowering their costs by giving them better education so they don't have to spend time educating themselves on their own nickel, and secondly making sure that our modern structures are fair and let people do good work. So we have programs like Advantage Plus, whereby channel partners can register a deal so if you really develop that customer and educate the customer, you will get rewarded for it—you won't suffer if someone else sweeps in and steals the deal under your nose.

So we're trying to, as I've said, reward those parts of our channels. Invest in those people who are willing to invest in us. And, in addition, we're also extending our reach to people who are in the services space. So we have this back program—the Value-Added Consultant (stands for VAC) program.

Jeff James: We could really use a glossary of all these different names and acronyms. Microsoft must have generated a few hundred by themselves.

Paul Maritz: Well, we've unfortunately never done that. The only one we screwed up was Advantage Plus because we didn't put a V in front of it. Maybe because it has a V in the middle of it, I don’t know. But basically, those are the kind of programs we're doing—realizing that we need a broader community of people who are providing services in and around our product, and how do we work with them in a way that becomes both important and lucrative for them to do that.