VMware provided the following information on its new security offerings:
Carbon Black solutions
With the close of its Carbon Black acquisition in October 2019, VMware launched a new security business unit under the leadership of former Carbon Black CEO Patrick Morley. The business unit focuses on helping customers with comprehensive endpoint and workload protection and advanced cybersecurity analytics to help stop sophisticated cyberattacks and accelerate response times. As the first step on this journey, VMware will offer multiple new Carbon Black Cloud solutions to customers, including:
- Carbon Black Endpoint Standard: Next-generation antivirus combined with endpoint detection and response
- Carbon Black Endpoint Advanced: Carbon Black Endpoint Standard combined with real-time endpoint query and remediation
- Carbon Black Endpoint Enterprise: Real-time endpoint query and remediation combined with advanced threat hunting and incident response
- Carbon Black Workload: new advanced cloud workload protection add-on for VMware vSphere
- VMware Workspace Security: combines best-in-class behavior threat detection, next-generation antivirus, and digital workspace analytics and remediation solutions
- Carbon Black Endpoint Standard with Secureworks Threat Detection and Response: combines best-in-class next-generation antivirus and endpoint detection and response with an advanced security analytics application, expanding security telemetry beyond the endpoint and into the network and cloud
VMware also announced an enhanced partnership with Dell that will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers. The enhanced partnership will bring Carbon Black’s advanced, next-generation endpoint protection to businesses of all sizes directly on-the-box.
Redefining Internal Data Centre and Multi-Cloud Security
VMware NSX was the first solution to make micro-segmentation both financially and operationally feasible, enabling customers to more easily prevent the lateral spread of malware inside the data centre. VMware is now introducing NSX Distributed intrusion detection and prevention (IDS/IPS), taking the NSX platform’s Layer 7-capabable internal firewalling to a whole new level. NSX Distributed IDS/IPS is unique because it will take advantage of VMware’s intrinsic understanding of the services that make up an application and match IDS/IPS signatures to specific parts of an application. This means an Apache or Tomcat server will only get signatures relevant to it. The result will be much higher performance and accuracy through a lower false positive rate. VMware Service-defined Firewall with NSX Distributed IDS/IPS will allow customers to both micro-segment their networks and block internal traffic from stolen credentials and compromised machines.
NSX Intelligence was recently introduced as an advanced system to analyze workload traffic and automatically generate security policies. NSX Federation is a new capability that will enable customers to deploy and consistently enforce security policies generated by NSX Intelligence across multiple data centres. NSX Federation will help enterprises simplify disaster recovery and avoidance and share application resources across data centres. Converged operations will vastly simplify the overall security architecture and make it easier for customers to manage security policies, demonstrate compliance, and provide holistic context for security troubleshooting. This type of efficiency and flexibility cannot be matched by traditional “bump in the wire” appliances and is a major difference between legacy and proprietary hardware-defined systems and an open, scale-out software solution such as VMware NSX.
Click here to read more about edge protection, Secure State, and availability of the new products.