Cloud architecture leaders VMware all but reinvented itself as a cybersecurity provider this week, as it unveiled a wide range of new and expanded security solutions. It may not have been a pivot into a new form of business, but its announcements underlined the extent to which any major information technology organisation has to put cybersecurity at the core of its solutions. In effect, all businesses have to become cybersecurity businesses.
VMware describes its vision as “intrinsic security”, which makes security more automated, proactive and pervasive across the entire distributed enterprise. Intrinsic security, says VMware, reduces the risk to critical applications, sensitive data, and users “by shrinking the attack surface across clouds, data centres, end users, and the enterprise edge”.
At its annual VMworld Europe conference in Barcelona on Tuesday, VMware announced the following:
- Dell will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers;
- New VMware NSX Distributed Intrusion Detection and Prevention;
- New VMware NSX Federation for consistent, centralised network and security policy configuration and management for large-scale NSX deployments;
- Enhanced VMware SD-WAN branch firewall performance, flexibility and usability features;
- VMware Secure State updates that reduce public cloud risk and improve security posture;
- A new Zero-Trust security architecture for the digital workspace.
This wide-ranging set of announcements comes barely a month after Oracle Open World (OOW) in San Francisco, where database software leaders Oracle announced its own wide-ranging set of security solutions. The emphasis at OOW was on making security autonomous, meaning that it is self-managing and self-correcting. Oracle CEO Larry Ellison styled it as the “self-driving” approach to cloud management and security.
The latest updates to VMware Secure State, which was first made available in June, provides similar functionality, although not the same level of autonomy. VMware last year unveiled Project Magma, which CEO Pat Gelsinger has described as the true AI/ML “self-driving data centre’.
While Oracle and VMware may seem to be competing for ownership of this vision, the former surprised the market at OOW when it announced a strategic partnership with VMware, allowing customers to run VMware Cloud Foundation on Oracle Cloud Infrastructure.
Sanjay Poonen, chief operating officer of VMware, told Gadget during VMworld: “I find it very interesting at Oracle Open World that Larry talked about two of his strategic vendors in partnership, VMware and Microsoft. I didn’t think that day would ever happen. Hell would sooner freeze over than Oracle embrace VMware. So If VMware technology can help them be more secure as part of that stack… if they can keep their stack and infrastructure secure, we are certainly powering a lot now of what they are trying to do in the cloud and networking. More power to them.”
In a formal announcement of VMware’s new security offerings, Poonen elaborated on the vision of intrinsic security:
“VMware believes we have to stop adding more and more complexity in an effort to solve cybersecurity challenges, and instead use our infrastructure as part of the solution. In short, we must make security intrinsic. VMware is shifting the balance of power from attackers to defenders by removing the complexity inherent with cybersecurity.
“VMware is delivering intrinsic security through a comprehensive portfolio spanning the critical control points of security: network, endpoint, workload, identity, cloud, and analytics. Because we’re built-in, we’re everywhere apps, devices, and users reside. This gives us a unique vantage point to be informed about what’s happening in a customer’s environment. With this knowledge, we can be proactive in hardening customers’ environments to better prevent threats.”
Click here to read about VMware’s new security offerings in detail.
VMware provided the following information on its new security offerings:
Carbon Black solutions
With the close of its Carbon Black acquisition in October 2019, VMware launched a new security business unit under the leadership of former Carbon Black CEO Patrick Morley. The business unit focuses on helping customers with comprehensive endpoint and workload protection and advanced cybersecurity analytics to help stop sophisticated cyberattacks and accelerate response times. As the first step on this journey, VMware will offer multiple new Carbon Black Cloud solutions to customers, including:
- Carbon Black Endpoint Standard: Next-generation antivirus combined with endpoint detection and response
- Carbon Black Endpoint Advanced: Carbon Black Endpoint Standard combined with real-time endpoint query and remediation
- Carbon Black Endpoint Enterprise: Real-time endpoint query and remediation combined with advanced threat hunting and incident response
- Carbon Black Workload: new advanced cloud workload protection add-on for VMware vSphere
- VMware Workspace Security: combines best-in-class behavior threat detection, next-generation antivirus, and digital workspace analytics and remediation solutions
- Carbon Black Endpoint Standard with Secureworks Threat Detection and Response: combines best-in-class next-generation antivirus and endpoint detection and response with an advanced security analytics application, expanding security telemetry beyond the endpoint and into the network and cloud
VMware also announced an enhanced partnership with Dell that will make Carbon Black Cloud, along with Dell Trusted Devices and Secureworks, the preferred endpoint security solution for Dell commercial customers. The enhanced partnership will bring Carbon Black’s advanced, next-generation endpoint protection to businesses of all sizes directly on-the-box.
Redefining Internal Data Centre and Multi-Cloud Security
VMware NSX was the first solution to make micro-segmentation both financially and operationally feasible, enabling customers to more easily prevent the lateral spread of malware inside the data centre. VMware is now introducing NSX Distributed intrusion detection and prevention (IDS/IPS), taking the NSX platform’s Layer 7-capabable internal firewalling to a whole new level. NSX Distributed IDS/IPS is unique because it will take advantage of VMware’s intrinsic understanding of the services that make up an application and match IDS/IPS signatures to specific parts of an application. This means an Apache or Tomcat server will only get signatures relevant to it. The result will be much higher performance and accuracy through a lower false positive rate. VMware Service-defined Firewall with NSX Distributed IDS/IPS will allow customers to both micro-segment their networks and block internal traffic from stolen credentials and compromised machines.
NSX Intelligence was recently introduced as an advanced system to analyze workload traffic and automatically generate security policies. NSX Federation is a new capability that will enable customers to deploy and consistently enforce security policies generated by NSX Intelligence across multiple data centres. NSX Federation will help enterprises simplify disaster recovery and avoidance and share application resources across data centres. Converged operations will vastly simplify the overall security architecture and make it easier for customers to manage security policies, demonstrate compliance, and provide holistic context for security troubleshooting. This type of efficiency and flexibility cannot be matched by traditional “bump in the wire” appliances and is a major difference between legacy and proprietary hardware-defined systems and an open, scale-out software solution such as VMware NSX.
Click here to read more about edge protection, Secure State, and availability of the new products.
VMware Intrinsic Security Addresses the Secure Access Services Edge
As outlined by Gartner, “Secure Access Services Edge (SASE) offerings will provide policy-based ‘software defined’ secure access from an infinitely tailorable network fabric in which enterprise security professionals can precisely specify the level of performance, reliability, security, and cost of every network session based on identity and context.” VMware addresses SASE via a global, multi-service cloud network that extends from on-premises to cloud to edge to end user, and integrated networking and network security capabilities delivered by VMware SD-WAN. VMware SD-WAN is unique because of its 1000s of gateways that run at 100s of points of presence across every major cloud provider. VMware is adding new features and capabilities to the built-in SD-WAN branch firewall to enable simpler policy definition, improved performance, and logging to meet stringent enterprise security requirements. The VMware SD-WAN branch firewall provides customers both built-in security and automated, policy-based access to partners’ advanced security services including URL filtering, secure web gateway, anti-X capabilities, cloud access security brokers (CASB) and web isolation.
Proactive Management of Public Cloud Risk
VMware Secure State delivers an Interconnected Security approach that enables deep visibility into cloud service relationships and correlates risk due to misconfigurations and threats across multi-cloud infrastructure. Continuously verifying the overall security and compliance posture earlier in the CI/CD process is the next logical step in making security more proactive, automated and scalable for multicloud users. To help customers achieve this, VMware announced the new VMware Secure State Findings API which will enable customers to build guardrails into the infrastructure provisioning pipeline. Native VMware Secure State rules or custom policies enable selective verification of configuration settings in near real-time during testing and staging of cloud infrastructure. Detecting security and compliance issues earlier will help companies scale security at cloud speed, minimise risk that’s being introduced into production-ready infrastructure, and accelerate time to market for releasing public cloud applications.
Availability
The new VMware Carbon Black Cloud solutions, new VMware SD-WAN branch firewall capabilities, and VMware Secure State Findings API are expected to be available in VMware’s Q4 FY20 ending January 31, 2020. VMware NSX Distributed IDS/IPS and VMware NSX Federation are expected be in Beta in Q4 FY20.