惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
博客园 - 三生石上(FineUI控件)
S
Securelist
U
Unit 42
The Cloudflare Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Simon Willison's Weblog
Simon Willison's Weblog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog
T
Tenable Blog
The Hacker News
The Hacker News
The Register - Security
The Register - Security
IT之家
IT之家
博客园 - 【当耐特】
Spread Privacy
Spread Privacy
P
Privacy & Cybersecurity Law Blog
博客园_首页
T
Tailwind CSS Blog
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
T
Tor Project blog
C
CERT Recently Published Vulnerability Notes
Apple Machine Learning Research
Apple Machine Learning Research
Stack Overflow Blog
Stack Overflow Blog
T
Threat Research - Cisco Blogs
T
The Exploit Database - CXSecurity.com
V
Vulnerabilities – Threatpost
A
Arctic Wolf
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
V2EX
aimingoo的专栏
aimingoo的专栏
大猫的无限游戏
大猫的无限游戏
Scott Helme
Scott Helme
L
LINUX DO - 热门话题
Cyberwarzone
Cyberwarzone
V
Visual Studio Blog
月光博客
月光博客
爱范儿
爱范儿
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
美团技术团队
G
GRAHAM CLULEY
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
H
Heimdal Security Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

VMware Blogs

Diagnostics for VMware Cloud Foundation (VCF) 9.1 with Old Versions of VCF Components Mastering Infrastructure Policies in VMware Cloud Foundation Automation 9.1 Modernizing the Private Cloud: Why VCF 9.1 Lifecycle Management is a Game Changer Announcing the VMware Cloud Foundation 9.1 Upgrade Planning Tool VCF Breakroom Chats Episode 86 – Containers Made Easy: The New “Container-as-a-Service” in VCF 9.1 Securing Your VCF 9.1 Infrastructure with the Symantec Identity Security Platform Virtually Speaking: The AI Reality Check with Dave Linthicum Zero Touch Provisioning: Activating Edge Sites with VMware Cloud Foundation Edge 9.1 VCF Breakroom Chats Episode 85 – Cloning Success at Scale: Inside VCF 9.1’s App Stack Formation VMware Cloud on AWS の使用状況を確認できる API Unlocking the Full Potential of Programmable Infrastructure with VMware Cloud Foundation 9.1 – New Features and Capabilities Smarter Patching at Scale: Vulnerability Assessment and Remediation with VMware Tanzu Platform Encrypted vMotion Offload to Intel QAT in VMware Cloud Foundation 9.1 Deepen Your Expertise: Four Key Benefits of Attending Increase Deployment Flexibility with VCF Edge Automation 1.0.3 Avi Advantage: Automating Certificate Management of VCF Workloads More Memory, Less Effort: Configuring Memory Tiering in VCF 9.1 VCF 9.1 Licensing: Programmatic, Centralized, and Built to Scale Why APJ Networking Professionals Need Private Cloud Expertise VCF 9.1 Networking: Simpler VPC Connectivity Control VCF 9.1 Networking: Exploring Network Services for Virtual Private Clouds VCF Networking 9.1: Seamless DDI Integration with Infoblox The Open Source Advantage: Building from Source for Ultimate Security Expand Shared VMDKs with Clustered Applications in VMware vSAN for VCF 9.1 Monetizing Zero-Trust Security with VCF 9.1 and VMware vDefend VMware vSAN Protection and Recovery Enhancements for VCF 9.1 Deliver Production SQL Server DBaaS with VMware Data Services Manager 9.1 Maximizing Profitability: VCF 9.1 Cost-Focused Approach for VMware Cloud Service Providers Modernizing Your Infrastructure: Introducing VMware Cloud Foundation 9.1 to VCSPs VCF 9.1 is Available: Explore the New Features in Hands-on Labs What’s New with vSphere in VMware Cloud Foundation 9.1? Resizing VMware vCenter in VMware Cloud Foundation 9 Non-Disruptive VMware vCenter Patching in VMware Cloud Foundation 9.1 VMware vCenter Virtual Hardware Gets an Upgrade in vSphere with VCF 9.1 AI Has Changed the Threat Landscape. Is Your Infrastructure Ready? Simplifying Storage with the New Effective Capacity View in VMware vSAN for VCF 9.1 Auto-RAID in VMware vSAN for VCF 9.1 – Comprehensive System-Managed Data Resilience Introducing VMmark 4.1: Enhanced Power Efficiency Benchmarking for Private Cloud Infrastructure Advanced Memory Tiering Enhancements in VMware Cloud Foundation 9.1 VCF 9.1 Is Here. See It in Action. 博通發布 VMware Cloud Foundation 9.1 How Broadcom Is Helping Enterprises Win the AI Security Sprint How to Prepare for the World of AI Driven Exploits Avi Innovations for VCF 9.1: Powering Kubernetes, Agentic AI and VPC Workloads VCF 9.1: The Secure, Cost-Effective Private Cloud Platform for Production AI Announcing VCF 9.1: Modern Private Cloud Built for Efficiency and Resilience Announcing VMware Cloud Foundation Edge 9.1: A Scalable, Autonomous Edge Platform Accelerate, Streamline, and Control Your Self-Service Private Cloud with VMware Cloud Foundation 9.1 Deploy Modern Apps Faster, Scale Smarter, and Lower Your TCO with VMware vSphere Kubernetes Service in VCF 9.1 Scale Smarter, Save More: Redefining Infrastructure Economics with VMware vSphere in VCF 9.1 AI with VCF 9.1 on AMD GPUs: Build with open frameworks and simplify management, at a lower TCO Streamline, Simplify and Protect all your AI workloads with VCF 9.1 Simplify Workload Connectivity and Enhance Network Scale and Performance with VCF 9.1 VMware and CrowdStrike Deliver New Integration for Cyber Recovery Workflows How Many Users Can Your LLM Server Really Handle? From Infrastructure to Agents: A Hands-On Guide to Secure Private AI with Broadcom – Part 2 The New Frontier: Leading the Cloud-Native Evolution Replicating VMware vSphere Configuration Profile Desired State Webinar Recap: Design and Architecture Considerations for VMware vSphere Kubernetes Service on VMware Cloud Foundation Kubernetes 1.36: What Actually Changed for Enterprise Platforms Enhance Lateral Security and Ingress Load Balancing for Kubernetes Workloads Avi Load Balancer Analytics: Root Cause Application Performance Issues in Minutes Post-Quantum Readiness on VMware Cloud Foundation Registration Is Live for Las Vegas | $ave with Early-Bird May 21, 2026: What’s New in VMware Tanzu Data Intelligence 10.4 From Infrastructure to Agents: A Hands-On Guide to Secure Private AI with Broadcom – Part 1 Stop Guessing: Advanced Monitoring and Troubleshooting for Data Services CPU, Disk, Network, and Memory Workload Profiles for DVD Store Database Testing How VMware Salt Automates Compliance Across Private Cloud Analyst Insight Series #2: Operational Scalability and Lifecycle Management MCP vs. APIs: Why You Need Both for AI Applications The Real Constraint on Enterprise AI isn’t GPUs; It’s Power Deploying Harbor Service in Air-Gapped VMware Cloud Foundation 9.0 Why Enhanced DirectPath Wins for High-Performance Apps Bridging the (.Local) Gap: A Split-Domain Design for VMware Cloud Foundation Deployment Observability on VMware vSphere Kubernetes Service VMware Cloud on AWS: Introducing the Usage Report APIs Converging VMware vSphere to VMware Cloud Foundation 9.0: The Top 10 Questions Answered May 6, 2026: What’s New in Tanzu Platform 10.4: Powering Agentic Apps at Scale VMware Tanzu RabbitMQ Powers the Modern Data Lakehouse with New Spark Integration and Enterprise Tooling Tanzu Data Intelligence 10.4 Delivers AI-Driven Analytics, Unified Real-Time Operations, and Sovereign Resilience Enterprise-Ready Agents Made Simple & Safe with VMware Tanzu Platform Agent Foundations Introducing Tanzu Platform 10.4: Extending Platform as a Service to Agentic Applications How AI-Assisted Analytics in Tanzu Data Intelligence Can Help Remove the SQL Bottleneck From Prototype to Production: Securing Database MCP at Enterprise Scale The Compelling Case for a Private Cloud Data Intelligence Platform The Unification Dividend: Consolidating Database Operations on VMware Cloud Foundation The Modern Spring Workflow Is Enterprise-Ready and AI-Boosted [TAM Blog] セキュアブート証明書の有効期限切れに関する注意点と対応について Accelerate Lateral Security and Ingress Load Balancing for Kubernetes Workloads From Platform to Data: Building a Cloud-Native Developer Experience On-Prem with VMware Cloud Foundation How VMware Cloud Foundation (VCF) Training Helps Keep Top Tech Talent in APJ Build Your Case for Attending VMware Explore 2026 Spring 開発元が提供する商用サポート「VMware Tanzu® Spring Essentials」とは VMware Cloud on AWS より i7i.metal-24xl インスタンスの提供開始 VMware Advanced Memory Tiering Tips for Success VMware Cloud Foundation Edge 9.0: Two-Host Edge Site Deployment with Brownfield Import Your Database Is About to Become an AI Tool. Is It Ready? Applying GitOps Principles to Maintain Desired State Configuration using VMware vSphere Configuration Profile – Part 3 Webinar Recap: Converging VMware vSphere to VMware Cloud Foundation 9.0
Analyst Insight Series #3: Policy-Driven Governance and Multi-Tenant Control
alina thylan · 2026-04-28 · via VMware Blogs

Guest post by Carl Lehmann, S&P Global Market Intelligence

This blog is the final installment in a three-part series that functions as a companion to the 451 Research report, “A Unified Platform Approach to Building Private Clouds for Modern Workloads.” In this blog, we discuss how policy-driven governance helps ensure secure, multi-tenant control and postulate the cultural impact on IT organizations of a unified platform approach to building private clouds for modern workloads.

Scaling safely and sustainably

Policy-driven governance and multi-tenant control are the linchpins that determine whether modern private cloud initiatives can scale safely and sustainably. As enterprises adopt self-service consumption and automation, the risk of unmanaged sprawl and compliance exposure grows if governance is treated as an afterthought. A unified platform approach transforms governance from a reactive, manual review process into an automated, preventive system that enforces policies continuously and consistently across all workloads and tenants.

Policy as code: Automating governance

At the core of this approach is policy as code (PaC), a practice that codifies governance rules into machine-readable policies, defining parameters such as security posture, resource limits and compliance standards. These policies can enforce role-based access, quotas, and lifecycle rules, helping ensure that every deployment adheres to organizational standards.

The rules are evaluated automatically whenever infrastructure is requested or modified. With policies embedded in the platform, requests are validated in real time, so that only compliant configurations are deployed. This eliminates delays associated with manual gatekeeping and creates an auditable history of activity—critical for regulatory verification. Policies evolve alongside business needs, allowing governance to adapt without disrupting delivery speed.

Multi-tenant control: Secure sharing across boundaries

Multi-tenant control enables secure, efficient sharing of private cloud infrastructure across organizational boundaries. A unified platform introduces logical tenancy constructs that isolate workloads while allowing shared use of the underlying physical resources. Each tenant maintains its own identity mappings, network boundaries (such as virtual private clouds, or VPCs), quotas, and service entitlements, helping ensure that one team’s activities do not interfere with another’s. 

Network segmentation using VPC constructs strengthens isolation and enables teams to safely share underlying infrastructure without interference. This is vital for regulated workloads where strict data separation is nonnegotiable. Strong tenancy isolation also simplifies compliance reporting, as artifacts are scoped directly to tenant contexts.

Cost governance and resource optimization

Cost governance is a central benefit of policy-driven multi-tenant control. By embedding quotas, leases, lifecycle rules, and automated reclamation into the platform, IT can prevent overprovisioning and resource waste. Resources no longer in use are reclaimed automatically, eliminating “zombie” environments that drain capacity. Tying usage data to specific tenants enables accurate showback or chargeback, aligning consumption with financial accountability and encouraging teams to treat infrastructure as a finite shared resource.

Enhanced security and compliance

Policy-driven governance and multi-tenant control strengthen security and compliance by embedding guardrails directly into private cloud operations. PaC enforces role-based access, quotas, and lifecycle rules automatically, helping ensure workloads are deployed in accordance with approved standards. Network segmentation, utilization tracking, and automated controls improve visibility and reduce risk, while centralized governance enables consistent auditability and predictable operations across tenants, supporting regulated environments at scale.

Cultural impact: Balancing speed and control

Policy-driven governance reconciles the long-standing tension between speed and control. Application teams gain autonomy through self-service, while IT and dedicated platform engineering teams retain oversight through automated guardrails and product-oriented platform management. By treating the platform as a product—backed by clear tenancy controls and a platform engineering function responsible for roadmap, operations, and developer experience—governance shifts from an obstacle to an enabler of safe innovation. As private clouds host more critical and regulated workloads, this alignment of governance model and supporting team structure will define long-term success, allowing enterprises to scale confidently with governance baked into how infrastructure is delivered and operated.

With policy-driven controls and a product-minded platform team, private cloud can scale safely, predictably, and with confidence.

About the Author:

Carl Lehmann is a senior research analyst in the Applied Infrastructure & DevOps and Cloud Native research channels at 451 Research from S&P Global Energy Horizons. He leads coverage of process automation and integration in hybrid IT and cloud-native architectures, as well as how hybrid IT and emerging agentic AI affects business strategy and operations. His research focuses on agentic process automation platforms, along with ongoing coverage of digital automation suites, robotic process automation, process discovery and mining technologies, and hybrid integration platforms (including integration PaaS and API management). Previously, Carl served as senior vice president of strategy and product management at a B2B integration firm (now part of OpenText) and spent a decade as a vice president of research at Gartner and META Group, advising Fortune 500 organizations. He is the author of Strategy and Business Process Management: Techniques for Improving Execution, Adaptability, and Consistency, published by Taylor & Francis. Carl began his career as a project manager at AT&T and a product manager at Digital Equipment Corporation (now Hewlett Packard Enterprise). He is a graduate of Boston University’s School of Management.


Discover more from VMware Cloud Foundation (VCF) Blog

Subscribe to get the latest posts sent to your email.