Tips for building secure and resilient cloud-native infrastructure
By Guy Daniels
Sep 26, 2025
To embed our video on your website copy and paste the code below:
<iframe src="https://www.youtube.com/embed/8XSXAeBfakQ?modestbranding=1&rel=0" width="970" height="546" frameborder="0" scrolling="auto" allowfullscreen></iframe>
Guy Daniels, TelecomTV (00:05):
Hello, you are watching TelecomTV I'm Guy Daniels. From running AI workloads on sovereign infrastructure to defending against rising security threats. Tokos are tackling some of today's biggest challenges. We're going to look at how operators are simplifying cloudnative evolution, breaking down silos and collaborating more effectively with their solution partners. And joining me on the program is Paul Turner, vice president of products of the VCF Division at VMware by Broadcom. Hello Paul. Really good to see you. Thanks so much for joining us today. Now AI is reshaping telco network. So how is Broadcom enabling telcos to run AI workloads on sovereign private infrastructure?
Paul Tuner, VMware by Broadcom (00:52):
Yeah, well first off, great to catch up with you guy and of course all of your audience out there. But it is a really interesting time because what you're actually seeing is first you can see the political climate and the things that are changing in that. What that is demanding is more sovereign kind of controlled private AI kind of infrastructure. Because ai, every company is innovating with ai. It's not just the telco companies, but all of their providers, all of the companies that they provision to are also looking at AI for innovation. But it's very important that we look at AI in a safe way, in a secure way, in a sovereign way, in a trusted way. And what that means is how can you actually deliver AI models and the ability for you to iterate on those models and improve those models and actually do generative ai, but build it on a private kind of cloud solution?
(01:47):
And that's what we help telco operators do. They can actually implement a sovereign cloud operation with all of the public models that are available, but bring them down into a secure, trusted kind of runtime and then help them to iterate on those models and help them to improve them and help them to actually do the rag tuning and optimization that they need to do so that they can build better applications and services. And more importantly, they can deliver that as a sovereign AI service out to their customers. And I think that's where the big potential telcos are looking for money streams right now. And one of the big potential streams and revenue streams is definitely to look at the AI space and there is demands. Telco operators are well recognized in the market as trusted operators. The potential for them to deliver sovereign AI services on top of their trusted network is huge. And I think it's, we're only at the very beginning of it, but I think it's certainly, it's been a very cloud dominated world. I think you're going to see it become a telco dominated world as they deliver sovereign AI services out to customers.
Guy Daniels, TelecomTV (02:53):
As you say, Paul, a huge potential here. Now, recently though, we've seen a growing number of well-publicized ransomware and security attacks on businesses. What can telco operators do to maintain a secure and resilient infrastructure and protect their reputations?
Paul Tuner, VMware by Broadcom (03:11):
Yeah, well, guy, I am here in London at the moment, and it is quite shocking. I'm hearing it from all of the customers. The headlines don't lie, right? A $400 million loss that was declared by a major British retailer back in May or June of this year, the production lines of one of the leading car manufacturers in the UK already being down for weeks and going to be down for another few weeks. Those are not just ransomware attacks. Those are existential attacks on your business where you may not have a business if you continue at that rate. Now, the good news is for all of you telco operators and for all of our customers out there is that vSphere and the VMware Cloud Foundation, which it takes here, software defined networking, storage, compute, and all of the automation. But importantly, it already has built into it all of the security and trust capabilities that you need to actually lock down your environment.
(04:09):
And the first thing that you should look at is multifactor authentication so that, because a lot of those were credential attacks. So lock those things down. Make sure you put MFA in place, then look at secure boot of your environment. Look at encryption at rest and in runtime, look at how do you do patching of your environment to make sure that you've already taken any of our critical CVSS, our kind of critical security patches, apply those across the environment. We make it easy. You can live patch the environment, and then you can move forward to knowing confidently knowing that your platform and your cloud platform that you're running your applications and your operations on as a telco operator are actually secure, trusted, and have all the compliance that you need in terms of different standards of compliance. The second part of it is look at securing your network and securing your network, I think really comes down to how do you bring in east west kind of firewalls to start protecting and isolating applications from one another.
(05:09):
That side channel attack is really something to look at for, so the good news is all the capabilities are already there. We don't have to build something that new. We don't have to. It's easy enough for us to protect environments from all the threats that you saw out there, it does require a little bit of prowess. And I think just more an operational standardization from you to say that I must put this in place and that's what I would like to see happen is telco operators use the features that are already there. You already have it in VCF
Guy Daniels, TelecomTV (05:48):
And Paul, we're seeing that telcos are evolving their environments to deliver more agile applications and cloud native functions. And VMware, the company acquired Heptio has been a leader in cloud native apps. So how are you now simplifying and accelerating the delivery of cloud native functions?
Paul Tuner, VMware by Broadcom (06:07):
Well, I think the really exciting thing is you think about it, Kubernetes and cloud native functions is not actually all old. When we acquired Heptio back in, gosh, 2018, what we've actually done is they were the founders of Kubernetes. So what we've done is actually taken that Kubernetes platform and all of the prowess that we have built as part of tansu, we actually built it into the core function of the VMware Cloud Foundation platform. So built into cloud foundation, you get A-C-N-C-F compliant Kubernetes interface, you get a Harbor registry service, you get a backup service, Valero backup service, you get Prometheus, you get monitoring services. And more importantly, we just announced a container runtime partnership actually with a great English company from here canonical. So that's a full Ubuntu runtime so that you can actually run secure containers, you can run all of the services that you need.
(07:03):
So the simplest way to deploy your CAS applications, if you look at AU operators, we're trying to make this shift from VNF based environments or virtual machines. Many applications are still virtual machine based, but you need to be able to run all of the container CNF based applications along with the VNF based applications are being delivered by the telco providers. And so how do you do that? The easiest thing is to actually run those on a single platform that can actually run both incredibly well and that has all of the services that you need to deliver and has long-term support that you need to deliver and has the multi versions, because one of the problems is many different vendors all have different kind of stack dependencies. Ours delivers you multiple versions of the product. It delivers a CAS platform that can run all of the telco operator, all of the operators that you need as a telco provider delivering your CNF based environments that you need. So it's really about simplicity and how do we bring that into a single operations platform and also look at forward, protect your infrastructure as you evolve from virtual machine-based infrastructure and bring in container-based infrastructure often running alongside. And I expect for the next five or six years at least, it will be combined like that. But you've already got a platform then that is forward built for container and your CNF based environments.
Guy Daniels, TelecomTV (08:38):
Okay, thanks Paul. Well, can we talk now about silos? Because running IT and network workloads on separate stacks does create silos. So how does VMware Cloud Foundation change this for operators?
Paul Tuner, VMware by Broadcom (08:49):
Yeah, well, I mentioned that earlier, right? You are going through a transition for an operator. They're transitioning from a former virtual machine heavy environment into kind of a mixed environment right now of VMs and container environment. And over time, they are moving more and more of their infrastructure towards cloud native infrastructure. So what you don't want to do, I think it's highly inefficient, and I think everybody knows this, is to run independent stacks. Now, if you look at IT technology, we've actually been running very efficient and highly cost effective runtimes inside an IT for many, many years. Treating the telco core network as an independent network that we manage independent of everything else is an inefficient way of doing it. So the ideal is actually bring the IT workloads and the core workloads and have it as a common operations platform. So that means you get the common skillsets that the people that you have, they can run those operations.
(09:49):
You get a lot of the benefits of compliance and security and trust and everything that I mentioned earlier is actually needed for IT environments as well as your core network environments. So you get all of that best practices built into it, and of course the single platform so that you can run container-based applications and your modern kind of Kubernetes led by kind of applications or just a container service application along with your VM based applications. So that single platform saves you cost in terms of people and people reskilling saves you cost in terms of standardization and compliance and security and trust of your platform that you're running a more secure and trusted kind of platform and saves you costs because you will be able to actually leverage more kind of common infrastructure. Of course, both. And it's going mandatory that both of 'em have high resilience, high uptime, never down environments, but that's becoming true for IT or core network environments or even as we look at manufacturers going into the OT environment. But that's a different story.
Guy Daniels, TelecomTV (10:59):
Well, Paul, you talked earlier about running V NFS and CNFs together as telcos make this evolution from VFS to CNFs, collaboration with network equipment providers is absolutely essential. So how does Broadcom work with companies to ensure seamless integration lifecycle management and also cloud native readiness?
Paul Tuner, VMware by Broadcom (11:22):
Yeah. Well, I was actually just mentioned earlier, I'm here in London because I was meeting up with some of our partners when we bring our partners and our customers together. So we had Ericsson and Nokia and VMware and all of our customers sitting together looking at how can we actually build best operations together and how do we deliver that as a validated kind of trusted solution into the customers? And that's a really important factor. The benefit for the telco operators is you can really choose and you can start mixing and matching and get that kind of choice, whether it's Ericsson, Nokia, veer, Samsung, other operators, Oracle, depending on the operator that you have and which type of applications you have, you can run all of those on this common infrastructure. And the big thing we do is we spend a lot of our time on all of our telco platform. We have a Telco cloud platform that builds on top of our BCF platform, but all of the work we do there is about how do we integrate better with the telco operators, but how do we integrate with the net vendors? How do we make sure all of those applications are validated, they're performance tested. We do validation on the scale of those so that you don't need to do that. And we can always get better at that, but it's a big part of our investment in terms of our engineering effort.
Guy Daniels, TelecomTV (12:47):
Good to hear. Well, Paul, we must leave it there for now. It's great talking with you and thanks so much for sharing your views with us today.
Paul Tuner, VMware by Broadcom (12:53):
Yeah, sure. Great. Catching up.
Hello, you are watching TelecomTV I'm Guy Daniels. From running AI workloads on sovereign infrastructure to defending against rising security threats. Tokos are tackling some of today's biggest challenges. We're going to look at how operators are simplifying cloudnative evolution, breaking down silos and collaborating more effectively with their solution partners. And joining me on the program is Paul Turner, vice president of products of the VCF Division at VMware by Broadcom. Hello Paul. Really good to see you. Thanks so much for joining us today. Now AI is reshaping telco network. So how is Broadcom enabling telcos to run AI workloads on sovereign private infrastructure?
Paul Tuner, VMware by Broadcom (00:52):
Yeah, well first off, great to catch up with you guy and of course all of your audience out there. But it is a really interesting time because what you're actually seeing is first you can see the political climate and the things that are changing in that. What that is demanding is more sovereign kind of controlled private AI kind of infrastructure. Because ai, every company is innovating with ai. It's not just the telco companies, but all of their providers, all of the companies that they provision to are also looking at AI for innovation. But it's very important that we look at AI in a safe way, in a secure way, in a sovereign way, in a trusted way. And what that means is how can you actually deliver AI models and the ability for you to iterate on those models and improve those models and actually do generative ai, but build it on a private kind of cloud solution?
(01:47):
And that's what we help telco operators do. They can actually implement a sovereign cloud operation with all of the public models that are available, but bring them down into a secure, trusted kind of runtime and then help them to iterate on those models and help them to improve them and help them to actually do the rag tuning and optimization that they need to do so that they can build better applications and services. And more importantly, they can deliver that as a sovereign AI service out to their customers. And I think that's where the big potential telcos are looking for money streams right now. And one of the big potential streams and revenue streams is definitely to look at the AI space and there is demands. Telco operators are well recognized in the market as trusted operators. The potential for them to deliver sovereign AI services on top of their trusted network is huge. And I think it's, we're only at the very beginning of it, but I think it's certainly, it's been a very cloud dominated world. I think you're going to see it become a telco dominated world as they deliver sovereign AI services out to customers.
Guy Daniels, TelecomTV (02:53):
As you say, Paul, a huge potential here. Now, recently though, we've seen a growing number of well-publicized ransomware and security attacks on businesses. What can telco operators do to maintain a secure and resilient infrastructure and protect their reputations?
Paul Tuner, VMware by Broadcom (03:11):
Yeah, well, guy, I am here in London at the moment, and it is quite shocking. I'm hearing it from all of the customers. The headlines don't lie, right? A $400 million loss that was declared by a major British retailer back in May or June of this year, the production lines of one of the leading car manufacturers in the UK already being down for weeks and going to be down for another few weeks. Those are not just ransomware attacks. Those are existential attacks on your business where you may not have a business if you continue at that rate. Now, the good news is for all of you telco operators and for all of our customers out there is that vSphere and the VMware Cloud Foundation, which it takes here, software defined networking, storage, compute, and all of the automation. But importantly, it already has built into it all of the security and trust capabilities that you need to actually lock down your environment.
(04:09):
And the first thing that you should look at is multifactor authentication so that, because a lot of those were credential attacks. So lock those things down. Make sure you put MFA in place, then look at secure boot of your environment. Look at encryption at rest and in runtime, look at how do you do patching of your environment to make sure that you've already taken any of our critical CVSS, our kind of critical security patches, apply those across the environment. We make it easy. You can live patch the environment, and then you can move forward to knowing confidently knowing that your platform and your cloud platform that you're running your applications and your operations on as a telco operator are actually secure, trusted, and have all the compliance that you need in terms of different standards of compliance. The second part of it is look at securing your network and securing your network, I think really comes down to how do you bring in east west kind of firewalls to start protecting and isolating applications from one another.
(05:09):
That side channel attack is really something to look at for, so the good news is all the capabilities are already there. We don't have to build something that new. We don't have to. It's easy enough for us to protect environments from all the threats that you saw out there, it does require a little bit of prowess. And I think just more an operational standardization from you to say that I must put this in place and that's what I would like to see happen is telco operators use the features that are already there. You already have it in VCF
Guy Daniels, TelecomTV (05:48):
And Paul, we're seeing that telcos are evolving their environments to deliver more agile applications and cloud native functions. And VMware, the company acquired Heptio has been a leader in cloud native apps. So how are you now simplifying and accelerating the delivery of cloud native functions?
Paul Tuner, VMware by Broadcom (06:07):
Well, I think the really exciting thing is you think about it, Kubernetes and cloud native functions is not actually all old. When we acquired Heptio back in, gosh, 2018, what we've actually done is they were the founders of Kubernetes. So what we've done is actually taken that Kubernetes platform and all of the prowess that we have built as part of tansu, we actually built it into the core function of the VMware Cloud Foundation platform. So built into cloud foundation, you get A-C-N-C-F compliant Kubernetes interface, you get a Harbor registry service, you get a backup service, Valero backup service, you get Prometheus, you get monitoring services. And more importantly, we just announced a container runtime partnership actually with a great English company from here canonical. So that's a full Ubuntu runtime so that you can actually run secure containers, you can run all of the services that you need.
(07:03):
So the simplest way to deploy your CAS applications, if you look at AU operators, we're trying to make this shift from VNF based environments or virtual machines. Many applications are still virtual machine based, but you need to be able to run all of the container CNF based applications along with the VNF based applications are being delivered by the telco providers. And so how do you do that? The easiest thing is to actually run those on a single platform that can actually run both incredibly well and that has all of the services that you need to deliver and has long-term support that you need to deliver and has the multi versions, because one of the problems is many different vendors all have different kind of stack dependencies. Ours delivers you multiple versions of the product. It delivers a CAS platform that can run all of the telco operator, all of the operators that you need as a telco provider delivering your CNF based environments that you need. So it's really about simplicity and how do we bring that into a single operations platform and also look at forward, protect your infrastructure as you evolve from virtual machine-based infrastructure and bring in container-based infrastructure often running alongside. And I expect for the next five or six years at least, it will be combined like that. But you've already got a platform then that is forward built for container and your CNF based environments.
Guy Daniels, TelecomTV (08:38):
Okay, thanks Paul. Well, can we talk now about silos? Because running IT and network workloads on separate stacks does create silos. So how does VMware Cloud Foundation change this for operators?
Paul Tuner, VMware by Broadcom (08:49):
Yeah, well, I mentioned that earlier, right? You are going through a transition for an operator. They're transitioning from a former virtual machine heavy environment into kind of a mixed environment right now of VMs and container environment. And over time, they are moving more and more of their infrastructure towards cloud native infrastructure. So what you don't want to do, I think it's highly inefficient, and I think everybody knows this, is to run independent stacks. Now, if you look at IT technology, we've actually been running very efficient and highly cost effective runtimes inside an IT for many, many years. Treating the telco core network as an independent network that we manage independent of everything else is an inefficient way of doing it. So the ideal is actually bring the IT workloads and the core workloads and have it as a common operations platform. So that means you get the common skillsets that the people that you have, they can run those operations.
(09:49):
You get a lot of the benefits of compliance and security and trust and everything that I mentioned earlier is actually needed for IT environments as well as your core network environments. So you get all of that best practices built into it, and of course the single platform so that you can run container-based applications and your modern kind of Kubernetes led by kind of applications or just a container service application along with your VM based applications. So that single platform saves you cost in terms of people and people reskilling saves you cost in terms of standardization and compliance and security and trust of your platform that you're running a more secure and trusted kind of platform and saves you costs because you will be able to actually leverage more kind of common infrastructure. Of course, both. And it's going mandatory that both of 'em have high resilience, high uptime, never down environments, but that's becoming true for IT or core network environments or even as we look at manufacturers going into the OT environment. But that's a different story.
Guy Daniels, TelecomTV (10:59):
Well, Paul, you talked earlier about running V NFS and CNFs together as telcos make this evolution from VFS to CNFs, collaboration with network equipment providers is absolutely essential. So how does Broadcom work with companies to ensure seamless integration lifecycle management and also cloud native readiness?
Paul Tuner, VMware by Broadcom (11:22):
Yeah. Well, I was actually just mentioned earlier, I'm here in London because I was meeting up with some of our partners when we bring our partners and our customers together. So we had Ericsson and Nokia and VMware and all of our customers sitting together looking at how can we actually build best operations together and how do we deliver that as a validated kind of trusted solution into the customers? And that's a really important factor. The benefit for the telco operators is you can really choose and you can start mixing and matching and get that kind of choice, whether it's Ericsson, Nokia, veer, Samsung, other operators, Oracle, depending on the operator that you have and which type of applications you have, you can run all of those on this common infrastructure. And the big thing we do is we spend a lot of our time on all of our telco platform. We have a Telco cloud platform that builds on top of our BCF platform, but all of the work we do there is about how do we integrate better with the telco operators, but how do we integrate with the net vendors? How do we make sure all of those applications are validated, they're performance tested. We do validation on the scale of those so that you don't need to do that. And we can always get better at that, but it's a big part of our investment in terms of our engineering effort.
Guy Daniels, TelecomTV (12:47):
Good to hear. Well, Paul, we must leave it there for now. It's great talking with you and thanks so much for sharing your views with us today.
Paul Tuner, VMware by Broadcom (12:53):
Yeah, sure. Great. Catching up.
Please note that video transcripts are provided for reference only – content may vary from the published video or contain inaccuracies.
Paul Turner, Vice President of Products of the VCF Division, VMware by Broadcom
From running AI workloads on sovereign infrastructure to defending against rising security threats, telcos are tackling some of today’s biggest challenges. VMware’s Paul Turner and TelecomTV’s Guy Daniels take a look at how operators are simplifying cloud-native evolution, breaking down silos and collaborating more effectively with their solution partners.
Recorded September 2025
Email Newsletters
Sign up to receive TelecomTV's top news and videos, plus exclusive subscriber-only content direct to your inbox.
