Today at VMworld 2019 Europe, VMware, Inc. (NYSE: VMW) detailed new
and expanded security solutions that advance the company’s vision
of intrinsic security, making it more automated, proactive and
pervasive across the entire distributed enterprise. With intrinsic
security, VMware reduces the risk to critical applications,
sensitive data, and users by shrinking the attack surface across
clouds, data centers, end users, and the enterprise edge. In
support of its intrinsic security vision, VMware today announced
the following:
- Dell will make Carbon Black Cloud, along with Dell Trusted
Devices and Secureworks, the preferred endpoint security solution
for Dell commercial customers
- New VMware NSX Distributed Intrusion Detection and
Prevention
- New VMware NSX Federation for consistent, centralized network
and security policy configuration and management for large-scale
NSX deployments
- Enhanced VMware SD-WAN branch firewall performance, flexibility
and usability features
- VMware Secure State updates that reduce public cloud risk and
improve security posture
- A new Zero-Trust security architecture for the digital
workspace
“VMware believes we have to stop adding more and more complexity
in an effort to solve cybersecurity challenges, and instead use our
infrastructure as part of the solution. In short, we must make
security intrinsic,” said Sanjay Poonen, chief operating officer,
Customer Operations, VMware. “VMware is shifting the balance of
power from attackers to defenders by removing the complexity
inherent with cybersecurity. VMware is delivering intrinsic
security through a comprehensive portfolio spanning the critical
control points of security: network, endpoint, workload, identity,
cloud, and analytics. Because we’re built-in, we’re everywhere
apps, devices, and users reside. This gives us a unique vantage
point to be informed about what’s happening in a customer’s
environment. With this knowledge, we can be proactive in hardening
customers’ environments to better prevent threats.”
An Intrinsic Approach to Workload and Endpoint
Security
With the close of its Carbon Black acquisition in October 2019,
VMware launched a new security business unit under the leadership
of former Carbon Black CEO Patrick Morley. The business unit
focuses on helping customers with comprehensive endpoint and
workload protection and advanced cybersecurity analytics to help
stop sophisticated cyberattacks and accelerate response times. As
the first step on this journey, VMware will offer multiple new
Carbon Black Cloud solutions to customers, including:
- Carbon Black Endpoint Standard:
Next-generation antivirus combined with endpoint detection and
response
- Carbon Black Endpoint Advanced: Carbon Black
Endpoint Standard combined with real-time endpoint query and
remediation
- Carbon Black Endpoint Enterprise: Real-time
endpoint query and remediation combined with advanced threat
hunting and incident response
- Carbon Black Workload: new advanced cloud
workload protection add-on for VMware vSphere
- VMware Workspace Security: combines
best-in-class behavior threat detection, next-generation antivirus,
and digital workspace analytics and remediation solutions
- Carbon Black Endpoint Standard with Secureworks Threat
Detection and Response: combines best-in-class
next-generation antivirus and endpoint detection and response with
an advanced security analytics application, expanding security
telemetry beyond the endpoint and into the network and cloud
VMware also announced an enhanced partnership with Dell that
will make Carbon Black Cloud, along with Dell Trusted Devices and
Secureworks, the preferred endpoint security solution for Dell
commercial customers. The enhanced partnership will bring Carbon
Black’s advanced, next-generation endpoint protection to businesses
of all sizes directly on-the-box.
Redefining Internal Data Center and Multi-Cloud
SecurityVMware NSX was the first solution to make
micro-segmentation both financially and operationally feasible,
enabling customers to more easily prevent the lateral spread of
malware inside the data center. VMware is now introducing NSX
Distributed intrusion detection and prevention (IDS/IPS), taking
the NSX platform’s Layer 7-capable internal firewalling to a whole
new level. NSX Distributed IDS/IPS is unique because it will take
advantage of VMware’s intrinsic understanding of the services that
make up an application and match IDS/IPS signatures to specific
parts of an application. This means an Apache or Tomcat server will
only get signatures relevant to it. The result will be much higher
performance and accuracy through a lower false positive rate.
VMware Service-defined Firewall with NSX Distributed IDS/IPS will
allow customers to both micro-segment their networks and block
internal traffic from stolen credentials and compromised
machines.
NSX Intelligence was recently introduced as an advanced system
to analyze workload traffic and automatically generate security
policies. NSX Federation is a new capability that will enable
customers to deploy and consistently enforce security policies
generated by NSX Intelligence across multiple data centers. NSX
Federation will help enterprises simplify disaster recovery and
avoidance and share application resources across data centers.
Converged operations will vastly simplify the overall security
architecture and make it easier for customers to manage security
policies, demonstrate compliance, and provide holistic context for
security troubleshooting. This type of efficiency and flexibility
cannot be matched by traditional “bump in the wire” appliances and
is a major difference between legacy and proprietary
hardware-defined systems and an open, scale-out software solution
such as VMware NSX.
VMware Intrinsic Security Addresses the Secure Access
Services EdgeAs outlined by Gartner, “Secure Access
Services Edge (SASE) offerings will provide policy-based ‘software
defined’ secure access from an infinitely tailorable network fabric
in which enterprise security professionals can precisely specify
the level of performance, reliability, security, and cost of every
network session based on identity and context.”(1) VMware addresses
SASE via a global, multi-service cloud network that extends from
on-premises to cloud to edge to end user, and integrated networking
and network security capabilities delivered by VMware SD-WAN.
VMware SD-WAN is unique because of its 1000s of gateways that run
at 100s of points of presence across every major cloud provider.
VMware is adding new features and capabilities to the built-in
SD-WAN branch firewall to enable simpler policy definition,
improved performance, and logging to meet stringent enterprise
security requirements. The VMware SD-WAN branch firewall provides
customers both built-in security and automated, policy-based access
to partners’ advanced security services including URL filtering,
secure web gateway, anti-X capabilities, cloud access security
brokers (CASB) and web isolation.
Proactive Management of Public Cloud Risk
VMware Secure State delivers an Interconnected Security approach
that enables deep visibility into cloud service relationships and
correlates risk due to misconfigurations and threats across
multi-cloud infrastructure. Continuously verifying the overall
security and compliance posture earlier in the CI/CD process is the
next logical step in making security more proactive, automated and
scalable for multicloud users. To help customers achieve this,
VMware announced the new VMware Secure State Findings API which
will enable customers to build guardrails into the infrastructure
provisioning pipeline. Native VMware Secure State rules or custom
policies enable selective verification of configuration settings in
near real-time during testing and staging of cloud infrastructure.
Detecting security and compliance issues earlier will help
companies scale security at cloud speed, minimize risk that’s being
introduced into production-ready infrastructure, and accelerate
time to market for releasing public cloud applications.
Simplifying Zero Trust Access to Any Application Across
the Digital Workspace
VMware today published a Zero Trust security architecture to
help customers modernize their approach to digital workspace
security. The architecture outlines how to bring together device
management and compliance; conditional access; app tunnel and
proxy; risk analytics; and automated remediation and orchestration
to enable a zero trust security model. Workspace ONE is the only
digital workspace platform that can bring these pieces of the zero
trust security puzzle together for the IT team. Together with Dell,
Workspace ONE adds new capabilities to offer customers a more
secure PC experience with Dell Technologies Unified Workspace. This
includes compliance and stronger BIOS-level threat protection
features such as Workspace ONE agent persistence to reclaim
management on lost or stolen devices, remote management of Dell
BIOS Admin passwords, integration with Dell SafeBIOS technology for
continuous BIOS settings verification and remediation against
configuration drift.
VMware continues to enrich its Workspace ONE Trust Network
ecosystem and today introduced the Trust Network Ingest API. With
this API, partners can integrate with Workspace ONE Intelligence
faster, ultimately enabling customers to take advantage of
integration sooner. VMware also announced that Zscaler, Wandera and
Zimperium are committed to release their integrations with
Workspace ONE Intelligence via this Trust Network Ingest API
soon.
Availability
The new VMware Carbon Black Cloud solutions, new VMware SD-WAN
branch firewall capabilities, and VMware Secure State Findings API
are expected to be available in VMware’s Q4 FY20 ending January 31,
2020. VMware NSX Distributed IDS/IPS and VMware NSX Federation are
expected be in Beta in Q4 FY20(2).
For information on all news announcements issued at VMworld 2019
Europe, please visit the Online Press Kit.
News at VMworld Europe
- Read an overview of today’s news by Joe Baguley, Vice President
& Chief Technology Officer, EMEA, VMware: A More Secure, Modern
Enterprise Takes Center Stage at VMworld 2019 Europe
- VMware Advances VMware Tanzu Portfolio to Accelerate Adoption
of Kubernetes in the Enterprise
- VMware Workspace ONE Delivers Day Zero Employee Experiences,
Enabling IT and HR to Accelerate New Hire Time to Productivity
- VMware Unveils Project Maestro, A Telco Cloud Orchestrator,
That Will Help CSPs Accelerate Multi-Cloud Operational Agility
- VMware Expands Reach of VMware Cloud on AWS for Cloud Providers
and MSPs with VMware Cloud Director Service
- VMware Cloud on AWS Helps Customers Across the Region and
Modernize Applications
- VMware SD-WAN Delivers a Comprehensive Secure Access Services
Edge
- VMware and Microsoft Continue to Partner to Deliver Greater
Impact to Customers from Client to Cloud
- Visit the Dell Newsroom to learn more about: Dell Technologies
Fortifies the Industry’s Most Secure Commercial PCs with VMware
Carbon Black Cloud Endpoint Security
About VMware Security
VMware believes that security today for the most part is not
working. Applications are highly distributed, deployed across
multiple private and public clouds, using many different types of
infrastructure and accessed from many different devices. Security
sprawl – too many products, agents, and interfaces deployed across
organizations – creates complexity for security management.
VMware’s strategy is to remove the complexity inherent with
security today and deliver security that is intrinsic across the
distributed enterprise. By focusing on the known good behavior of
applications and delivering a platform spanning the five control
points of security—network, endpoint, identity, cloud, and
analytics—VMware helps customers significantly reduce risk to
critical applications, sensitive data, and users. Ultimately,
VMware will help turn the industry away from the conventional norms
in security of detect, report, and respond, and towards this new
model that empowers customers to implement security that delivers
automated, pervasive, and proactive protection to critical assets
apps and users regardless of where they reside in the
enterprise.
- Source: Gartner, Inc., The Future of Network Security Is in the
Cloud, Neil MacDonald, Lawrence Orans, and Joe Skorupa, August 30,
2019
- There is no commitment or obligation that beta features will
become generally available
About VMware
VMware software powers the world’s complex digital
infrastructure. The company’s cloud, networking and security, and
digital workspace offerings provide a dynamic and efficient digital
foundation to customers globally, aided by an extensive ecosystem
of partners. Headquartered in Palo Alto, California, VMware is
committed to being a force for good, from its breakthrough
innovations to its global impact. For more information, please
visit https://www.vmware.com/company.html.
VMware, VMworld, Carbon Black, NSX, VMware Security State, and
Workspace ONE are registered trademarks or trademarks of VMware,
Inc. or its subsidiaries in the United States and other
jurisdictions. This article may contain hyperlinks to non-VMware
websites that are created and maintained by third parties who are
solely responsible for the content on such websites.
Media Contacts:
Roger T. FortierVMware Global
Communications408-348-1569rfortier@vmware.com
Emily MullenArchetype for
VMware212-331-8422emily.mullen@archetype.co
Vmware (NYSE:VMW)
Historical Stock Chart
From Apr 2024 to May 2024
Vmware (NYSE:VMW)
Historical Stock Chart
From May 2023 to May 2024