Expanding its cybersecurity portfolio, VMware launches a firewall
Adding to the flurry of product announcements coming out of the RSA Conference this week in San Francisco, VMware Inc. today introduced a firewall offering designed to provide an added layer of security for enterprise applications.
The new Service-defined Firewall builds on two of the company’s existing products. One is the NSX network management and security platform and the other is AppDefense, a threat detection engine that scans enterprise infrastructure for suspicious behavior. AppDefense looks for malicious activity by analyzing data from NSX and vSphere, VMware’s ubiquitous virtualization platform, which companies run on their servers to improve hardware efficiency.
The Service-defined Firewall extends these detection features by adding in a layer of automation. It uses operational information that VMware aggregates from its vast customer base to understand what constitutes normal behavior for different applications. Armed with this insight, the underlying algorithms can generate custom security rules for a company’s vSphere-virtualized environment.
VMware said that its firewall can look for malicious activity both in network traffic, via NSX, and the vSphere-powered host machines that make up an environment. It’s the latter capability that is the product’s main differentiator. The software uses vSphere itself to track activity, which means it doesn’t need to install a dedicated piece of monitoring software on each host as traditional security tools do.
Besides reducing operational complexity, this approach makes it harder for hackers to go undetected. Attackers can potentially disable the monitoring software installed on a host if they gain administrative access to the machine. But when the monitoring is done through vSphere rather than locally, that stops being a concern.
“Unlike perimeter firewalls that must filter traffic from an unlimited number of unknown hosts, the VMware Service-defined Firewall has the advantage of deep visibility into the hosts and services that generate network traffic,” Alex Berger, a product marketing manager with VMware’s network and security group, wrote in a blog post.
VMware is targeting Service-defined Firewall at a wide range of enterprise environments. The software can protect virtual machines, containers and bare-metal servers provided without software, with support for Amazon Web Services set to arrive at a later date.
Photo: Robert Hof/SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU