

Adding to the flurry of product announcements coming out of the RSA Conference this week in San Francisco, VMware Inc. today introduced a firewall offering designed to provide an added layer of security for enterprise applications.
The new Service-defined Firewall builds on two of the company’s existing products. One is the NSX network management and security platform and the other is AppDefense, a threat detection engine that scans enterprise infrastructure for suspicious behavior. AppDefense looks for malicious activity by analyzing data from NSX and vSphere, VMware’s ubiquitous virtualization platform, which companies run on their servers to improve hardware efficiency.
The Service-defined Firewall extends these detection features by adding a layer of automation. It uses operational information that VMware aggregates from its vast customer base to understand what constitutes normal behavior for different applications. Armed with this insight, the underlying algorithms can generate custom security rules for a company’s vSphere-virtualized environment.
VMware said that its firewall can look for malicious activity both in network traffic, via NSX, and on the vSphere-powered host machines that make up an environment. It’s the latter capability that is the product’s main differentiator. The software uses vSphere itself to track activity, which means it doesn’t need to install a dedicated piece of monitoring software on each host as traditional security tools do.
Besides reducing operational complexity, this approach makes it harder for hackers to go undetected. Attackers can potentially disable the monitoring software installed on a host if they gain administrative access to the machine. But when the monitoring is done through vSphere rather than locally, that stops being a concern.
“Unlike perimeter firewalls that must filter traffic from an unlimited number of unknown hosts, the VMware Service-defined Firewall has the advantage of deep visibility into the hosts and services that generate network traffic,” Alex Berger, a product marketing manager with VMware’s network and security group, wrote in a blog post.
VMware is targeting Service-defined Firewall at a wide range of enterprise environments. The software can protect virtual machines, containers and bare-metal servers provided without software, with support for Amazon Web Services set to arrive at a later date.