VMware Inc. announced this week new and expanded security solutions that advance the company’s vision of intrinsic security, making it more automated, proactive and pervasive across the entire distributed enterprise. With intrinsic security, VMware reduces the risk to critical applications, sensitive data, and users by shrinking the attack surface across clouds, data centers, end users, and the enterprise edge.
In support of its intrinsic security vision, VMware announced that Dell will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers; new VMware NSX Distributed Intrusion Detection and Prevention; new VMware NSX Federation for consistent, centralized network and security policy configuration and management for large-scale NSX deployments; enhanced VMware SD-WAN branch firewall performance, flexibility and usability features; VMware Secure State updates that reduce public cloud risk and improve security posture, and a new Zero-Trust security architecture for the digital workspace.
With the close of its Carbon Black acquisition in October 2019, VMware launched a new security business unit under the leadership of former Carbon Black CEO Patrick Morley. The business unit focuses on helping customers with comprehensive endpoint and workload protection and advanced cybersecurity analytics to help stop sophisticated cyberattacks and accelerate response times.
As the first step on this journey, VMware will offer multiple new Carbon Black Cloud solutions to customers, including Carbon Black Endpoint Standard - its next-generation antivirus combined with endpoint detection and response; Carbon Black Endpoint Advanced which is Carbon Black Endpoint Standard combined with real-time endpoint query and remediation; Carbon Black Endpoint Enterprise which offers real-time endpoint query and remediation combined with advanced threat hunting and incident response; and Carbon Black Workload, an advanced cloud workload protection add-on for VMware vSphere;
VMware Workspace Security that combines behavior threat detection, next-generation antivirus, and digital workspace analytics and remediation solutions; and Carbon Black Endpoint Standard with Secureworks Threat Detection and Response that combines next-generation antivirus and endpoint detection and response with an advanced security analytics application, expanding security telemetry beyond the endpoint and into the network and cloud.
VMware also announced an enhanced partnership with Dell that will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers. The enhanced partnership will bring Carbon Black’s advanced, next-generation endpoint protection to businesses of all sizes directly on-the-box.
VMware NSX makes micro-segmentation both financially and operationally feasible, enabling customers to more easily prevent the lateral spread of malware inside the data center. VMware is now introducing NSX Distributed intrusion detection and prevention (IDS/IPS), taking the NSX platform’s Layer 7-capable internal firewalling to a whole new level.
NSX Distributed IDS/IPS is unique because it will take advantage of VMware’s intrinsic understanding of the services that make up an application and match IDS/IPS signatures to specific parts of an application. This means an Apache or Tomcat server will only get signatures relevant to it.
The result will be much higher performance and accuracy through a lower false positive rate. VMware Service-defined Firewall with NSX Distributed IDS/IPS will allow customers to both micro-segment their networks and block internal traffic from stolen credentials and compromised machines.
NSX Intelligence was recently introduced as an advanced system to analyze workload traffic and automatically generate security policies. NSX Federation is a new capability that will enable customers to deploy and consistently enforce security policies generated by NSX Intelligence across multiple data centers. NSX Federation will help enterprises simplify disaster recovery and avoidance and share application resources across data centers.
Converged operations will vastly simplify the overall security architecture and make it easier for customers to manage security policies, demonstrate compliance, and provide holistic context for security troubleshooting. This type of efficiency and flexibility cannot be matched by traditional “bump in the wire” appliances and is a major difference between legacy and proprietary hardware-defined systems and an open, scale-out software solution such as VMware NSX.
VMware Secure State delivers an Interconnected Security approach that enables deep visibility into cloud service relationships and correlates risk due to misconfigurations and threats across multi-cloud infrastructure. Continuously verifying the overall security and compliance posture earlier in the CI/CD process is the next logical step in making security more proactive, automated and scalable for multi-cloud users.
To help customers achieve this, VMware announced the new VMware Secure State Findings API which will enable customers to build guardrails into the infrastructure provisioning pipeline. Native VMware Secure State rules or custom policies enable selective verification of configuration settings in near real-time during testing and staging of cloud infrastructure.
Detecting security and compliance issues earlier will help companies scale security at cloud speed, minimize risk that’s being introduced into production-ready infrastructure, and accelerate time to market for releasing public cloud applications.
The VMware Carbon Black Cloud solutions, new VMware SD-WAN branch firewall capabilities, and VMware Secure State Findings API are expected to be available in VMware’s Q4 FY20 ending Jan. 31, 2020. VMware NSX Distributed IDS/IPS and VMware NSX Federation are expected in beta by the fourth quarter of next year.
No comments:
Post a Comment