Shared Responsibility Model - vSphere+ and vSAN+
Introduction
VMware vSphere+ is a multi-cloud workload platform that bring benefits of the cloud to on-premises by deploying high-value cloud services to easily build, run, manage, and secure traditional and next-gen applications. VMware vSphere+ combines industry-leading virtualization technology, an enterprise-ready Kubernetes environment, and high-value cloud services to transform your existing on-premises deployments into a SaaS-enabled infrastructure.
VMware vSAN+ is VMware’s premier hyperconverged infrastructure (HCI) offering which extends VMware vSAN’s capabilities to now deliver cloud-connected services, which help IT administrators to centralize management and enhance efficiency of their VMware vSAN environment. VMware vSAN+ builds on the benefits customers receive from VMware vSphere+.
Shared Responsibility Model
VMware vSphere+ and VMware vSAN+ implement a shared responsibility model that defines distinct roles and responsibilities of the three parties involved in the offering: Customer, VMware, and AWS.
Customer responsibility, “Security of the Infrastructure and applications”
The customer is responsible for compliance for the customer’s on-premises infrastructure, virtual machines (VMs), networks, and applications that they manage. Customer workloads run in the customer’s own on-premises environment.
VMware responsibility, “Security of the Management Software”
VMware is responsible for Subscription/License management, configuration management, and assisted vCenter lifecycle, Gateway.
AWS responsibility, “Security of the infrastructure”
AWS is responsible for the physical facilities, physical security, infrastructure, and hardware underlying cloud services offered by AWS.
VMware vSphere+ and VMware vSAN+ Responsibilities
VMware vSphere+™, incorporating VMware vSAN+™, includes Cloud Services and a Cloud Gateway operated by VMware along with inventory that is operated by the customer. The diagram below color codes the VMware vSphere+ high-level architecture to help clarify the shared responsibility model, with customer responsibilities represented in green and VMware responsibilities represented in dark blue.
Shared Responsibility Matrix
Entity | Responsibility/Activity |
Customer |
|
VMware |
|
Shared Customer and VMware |
|
Amazon Web Services |
|
References
For a detailed information on VMware vSphere+ service description, please refer to documentation available at:
https://www.vmware.com/agreements.html
VMware vSphere+ ™ Getting Started:
https://www.vmware.com/products/vsphere/vsphere-plus.html
VMware vSphere+™ Security Overview:
VMware Cloud Services Guide: