VMware accelerates customers’ journey to Zero Trust security

Issue 6 2021 Cyber Security

Today's modern enterprises are facing an evolving threat landscape and increasingly sophisticated cyber-attacks. They require security that is both built-in and built differently. More than 30 000 customers trust VMware to help protect their enterprise, modern and edge-native apps with a comprehensive portfolio of security solutions that are highly effective and easy to use. VMware is announcing new innovations that help deliver consistent security for endpoints, virtual machines and containers with an end-to-end Zero Trust architecture. The new advancements span:

• Secure workload access for Zero Trust inside clouds and data centres.

• Elastic application security edge for stronger and more flexible cloud-to-cloud security.

• VMware Cloud Disaster Recovery and VMware Carbon Black Cloud for ransomware protection and recovery.

• CloudHealth Secure State for better visibility and security across multiple public clouds.

• API security and Kubernetes Security Posture Management for better protecting modern apps.

• VMware SASE and VMware Workspace ONE for a safer distributed workforce.

With VMware’s comprehensive security portfolio, enterprises are better covered from endpoint to end user and across application environments. Third-party testing from SE Labs certifies that environments built on VMware are better protected from advanced persistent threats(1). VMware NSX Network Detection and Response is the first and only NDR solution to receive an AAA rating in an SE Labs breach response detection test and VMware plans to deliver tapless NTA/NDR capabilities that leverage VMware vSphere to distribute sensors everywhere.

VMware Carbon Black Cloud records 1,2 trillion security events per day on average and helped stop more than one million ransomware attacks over a recent 90-day period(2). VMware also offers the industry’s only 20 TB internal scale-out firewall specifically built to secure east-west traffic and customers have been shown to reduce firewall rules by 90%(3), making security more manageable. [East-west traffic refers to network traffic moving laterally across the data centre as opposed to traditional client-server traffic which moves in and out of the data centre (north-south). – Ed.]

“Many security solutions used today were built for a different era. Highly distributed digital enterprises can’t simply take old security tools and processes, apply them to today’s new realities and expect to be protected,” said Tom Gillis, senior vice president, networking and advanced security business group general manager, VMware. “VMware is delivering security solutions built specifically for the threats customers face today. We use the power of software, a scale-out distributed architecture, Zero Trust design principles and a cloud delivery model for better security that’s easier to use.”

Workloads running on VMware are more secure

VMware is now pioneering Zero Trust security inside clouds and data centres with secure workload access. Customers can better secure communication between workloads and apps, including data communication. VMware delivers on the critical capabilities for secure workload access including:

• Workload identity with authoritative context.

• Micro-segmentation with advanced east-west controls.

• Workload and API security.

• Cloud-to-cloud edge controls such as highly secure connectivity, fully distributed NDR and web security.

• Workload-attached policies that can be automated and elastically scaled.

Moving to the data centre or cloud edge, security has traditionally been implemented with expensive hardware appliances that are incapable of adapting to changing app environments. VMware is announcing the industry-first elastic application security edge (EASE, pronounced ‘easy’) which enables the networking and security infrastructure at the data centre or cloud edge to flex and adjust as app traffic changes. VMware provides an elastic set of data plane services for networking, security and observability and a unique scale-out distributed architecture that enables an EASE environment to grow and shrink as app needs change.

For most organisations, rarely can they focus on securing only a single environment. VMware research shows customers are using multiple public clouds to run their business in addition to their on-premises data centre(4). CloudHealth Secure State introduces the next generation of its unified search and investigation engine to improve visibility, security and compliance simultaneously across multiple public cloud environments. Customers now benefit from real-time search to find cloud resources, visualise relationships, inspect metadata and change activity and overlay risk assessment across multiple cloud accounts, regions and providers into a single actionable view.

Finally, ransomware is proving effective, pervasive and profitable. VMware offers both advanced protection and rapid recovery from ransomware attacks. VMware Carbon Black Cloud can now be enabled with a simple switch in VMware vCenter, making protection from ransomware attacks simpler and faster to deploy. VMware is now announcing rapid recovery capabilities in the event ransomware gets through defences. VMware Cloud Disaster Recovery is an easy-to-use, cost-effective DR-as-a-Service (DRaaS) solution that enables more rapid recovery at scale, so organisations are better positioned to avoid paying the ransom. Customers can utilise a deep history of immutable snapshots stored in an isolated cloud file system, instant VM power-on for iterative security evaluations and powerful orchestration for highly automated testing, failover and failback to recover end-to-end IT apps and data sets after a ransomware attack.

VMware is pioneering modern app security

Modern apps create a new set of challenges for both security operators and developers. These apps can be made of thousands of components that communicate via APIs. This makes APIs the new endpoint that legacy cut-and-paste security approaches were not designed to secure.

VMware Tanzu Service Mesh Advanced edition is now bringing a new level of distributed visibility, discovery and security to APIs. Tanzu Service Mesh Advanced helps customers improve app resiliency and reliability and reduce blind spots with contextual API behaviour security.

New Tanzu Service Mesh advancements enable developers and security teams to each gain a better understanding of when, where and how APIs are communicating, even across multi-cloud environments, enabling better DevSecOps (see www.securitysa.com/*mf1 for a definition of DevSecOps). Additionally, CloudHealth Secure State now delivers Kubernetes Security Posture Management (KSPM) that delivers the ability to provide deep visibility into misconfiguration vulnerabilities across both Kubernetes clusters and connected public cloud resources.

The Secure State KSPM solution today supports 176 rules including CIS Benchmarks for managed services such as Amazon EKS, Azure Kubernetes Service and Google Kubernetes Engine.

VMware leads anywhere workspace security

With the shift to distributed workforces, employees must be provided with the appropriate levels of controlled access to apps and data from wherever they choose to work. VMware Anywhere Workspace is an integrated workforce solution built on technologies that empower employees, reduce IT silos and operational overhead and provide broader and more effective security.

VMware SASE is adding a new inline cloud access service broker (CASB) service to help IT gain more visibility and control over app access. IT teams can more effectively apply role-based access policies to cloud-delivered apps and identify use or abuse of unsanctioned apps.

Forthcoming Data Loss Prevention (DLP) capabilities will help organisations better comply with HIPAA, GDPR, PCI and other data privacy laws by preventing sensitive data from leaving pre-defined environments. The new Workspace ONE next-generation compliance engine examines thousands of posture checks on device, OS and apps. This will enable desired state and perform remediation with minimal impact on end-user experience. VMware Carbon Black integrates with Workspace ONE and is now optimised for Horizon VDI environments, helping secure the distributed edge while providing remote workers with an optimal experience.

Finally, VMware and Intel are working to deliver a solution that will uniquely help secure edge environments starting from the silicon and extending to devices and apps. The solution will create a direct link between the Intel vPro platform and VMware Workspace ONE to enable automated out-of-band maintenance that keeps PCs up-to-date with the latest security patches and infosec policies no matter where they are located or the state of the operating system. Intelligent analytics with access to rich hardware-level telemetry will enable customers to proactively minimise security risk and maximise employee experience.

Innovative managed security services

Managed security services remove the burden of deployment and daily management of security technologies from customers. By working with a managed security service provider, customers also have faster access to the latest innovations capable of better protecting their organisations from new and emerging threats. VMware has delivered a new set of capabilities that enable VMware Cloud Provider partners to build a comprehensive managed security service portfolio. These new capabilities include VMware Carbon Black Cloud, VMware Cloud Disaster Recovery, VMware SASE and VMware NSX Distributed IDS/IPS. All can be built as a custom service offering delivered to customers globally.

Citations

1. SE Labs, Breach Response Test, VMware NSX Network Detection and Response, August 2021

2. VMware Internal Analysis, August 2021

3. VMware Internal Analysis, August 2021

4. VMware Internal Analysis, August 2021




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Understanding the evolving cybersecurity landscape
Issue 6 2021, Vox , Cyber Security
Given the global disruption that took place last year, it is hardly surprising that malware increased by 358% and ransomware by 435% as compared to 2019.

Read more...
Security for operational technology: Part 2
Issue 6 2021, Wolfpack Information Risk , Editor's Choice, Cyber Security, Industrial (Industry)
The recent cyber-attack on Transnet is a wake-up call that South African companies are not immune from cyber threats. The incident impacted logistics on a national scale.

Read more...
Your people, the first and last line of defence
Issue 6 2021, Gijima Specialised Solutions (GSS) , Cyber Security
The human element should never be underestimated in cybersecurity planning as a simple ‘innocent’ click by an employee can open a loophole for cybercriminals to access the whole organisation’s network system.

Read more...
The bold decisions CISOs need to make today
Issue 6 2021 , Cyber Security
CISOs are entering a golden period of opportunity to take decisive action to shape their security strategy for the future of work, says Kevin Brown, managing director, BT Security.

Read more...
Cyber criminals adapt to deceive
Issue 6 2021, J2 Software , Cyber Security
Implementing DMARC standards can protect your brand from being impersonated, maintaining open communication and a managed user awareness training programme will help your people identify attacks before they lead to compromise.

Read more...
People as a risk factor
Issue 6 2021 , Cyber Security
To put it bluntly, people are the weakest link at the organisation. The distributed working environment has made implementing effective security solutions an incredibly complex undertaking.

Read more...
Protecting business from ransomware at the edge
Issue 4 2021 , Cyber Security
It might not always be possible to prevent ransomware from infecting remote networks, however, a robust backup and disaster recovery strategy can get the business back on track if systems are locked down.

Read more...
How safe are our factories?
Issue 5 2021, Wolfpack Information Risk , Industrial (Industry), Cyber Security
In this, the first part of a series on cybersecurity for operational technology, Bryan Baxter asks how safe our factories are from cyber threats.

Read more...
Managing a breach or ‘dirty’ network
Issue 5 2021 , Editor's Choice, Cyber Security
Nasser Bostan, head of security sales, Middle East and Africa, BT, shares BT’s insights gleaned from the SolarWinds incident and offers recommendations for organisations to step up their cybersecurity strategies.

Read more...
Protecting your workforce
Issue 5 2021, J2 Software , Cyber Security
With Workforce Cyber Intelligence, organisations can reduce legal liability by identifying the personal online activities that put the enterprise at risk, while still protecting employee privacy.

Read more...