Home Enterprise VMware Innovations Secures Workloads Across Clouds Announced

VMware Innovations Secures Workloads Across Clouds Announced

by Harold Fritts

Today at VMware Explore 2022, VMware announced several new technologies that target cloud networks and security. The expanded portfolio includes Project Northstar, Project Trinidad, and Project Watch.

Today at VMware Explore 2022, VMware announced several new technologies that target cloud networks and security. The expanded portfolio includes Project Northstar, Project Trinidad, and Project Watch.

Simplifying Networking and Security for Multi-Cloud

Project Northstar advances its NSX platform, transforming how enterprises consume networking and security in a multi-cloud environment. Project Northstar delivers multi-cloud networking, security, workload mobility, and end-to-end threat detection and response with a centralized cloud console for consistent and simplified software-as-a-service (SaaS) consumption.

This family of services includes network and security policy management, network detection and response (NDR), network visibility and analytics (NSX Intelligence), advanced load balancing (ALB), and workload mobility (HCX) for private cloud environments and VMware Cloud deployments.

With the introduction of NSX 4.0.1.0 and vSphere 8, VMware NSX’s networking and security functions can run on Data Processing Units (DPUs)  connected to the host hypervisor. Offloading NSX services from host CPUs to the DPU can accelerate networking and security functions to address the needs of modern applications and other network-intensive and latency-sensitive applications.

Strengthening Lateral Security

Increasing lateral security requires security teams to pay closer attention to east-west network traffic and eliminate blind spots. VMware is strengthening its lateral security capabilities by embedding network detection and visibility into Carbon Black Cloud’s endpoint protection platform, available now to select customers in early access. This extended detection and response (XDR) telemetry adds network detection and visibility to endpoints providing customers with comprehensive visibility into their environment across endpoints, workloads, and networks with no changes to infrastructure or endpoints.

Project Trinidad

Modern applications are increasingly at risk with limited visibility into the east-west traffic between microservices. In technology preview, Project Trinidad extends VMware’s API security and analytics by deploying sensors on Kubernetes clusters and uses machine learning with business logic inference to detect anomalous behavior in east-west traffic between microservices.

Ransomware attacks are becoming more common. VMware’s recent Global Incident Response Threat Report reveals that ransomware actors continue to evolve their cyber extortion strategies. Fifty-seven percent of respondents claim to have encountered attacks in the past 12 months, and two-thirds (66 percent) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail.

VMware Ransomware Recovery for VMware Cloud DR makes recovery from an attack faster, more predictable, and less prone to error. This purpose-built ransomware recovery-as-a-service solution enables safe recovery that prevents re-infection of IT and line-of-business production workloads by using an on-demand isolated recovery environment on VMware Cloud on AWS. Guided recovery workflows allow customers to identify recovery point candidates quickly, validate restore points using embedded behavioral analysis, and recover data with minimal loss.

Expanding Security for the Data Center and Cloud Edge

Following last year’s announcement of elastic application security edge (EASE), VMware is introducing VMware NSX Gateway Firewall. This next-generation firewall offers stateful active-active edge scale-out capability that significantly increases network throughput for stateful services. VMware now offers advanced threat prevention capabilities with IDPS, malware analysis, sandboxing, URL filtering, TLS proxy, stateful firewall, and stateful Network Address Translation (NAT) that extend centralized security controls to physical and virtual workloads at the data center and cloud edge.

Intending to deliver multi-layer application security at the edge, closer to applications and users, for better efficiency and performance, VMware NSX Advanced Load Balancer (ALB) is adding new bot management capabilities and enhancing the security capabilities of its web application firewall, malware detection, security analytics, and DDoS protection. These enhancements at the edge help customers maintain a consistent security posture with operational simplicity, extending protection from traditional to cloud-native container-based applications deployed across multi-cloud environments. VMware NSX ALB’s ability to enforce API security policies in line with application delivery traffic helps customers protect their north-south APIs.

Project Watch

VMware unveiled Project Watch, a new approach to multi-cloud networking and security that provides advanced app-to-app policy controls to help with continuous risk and compliance assessment. Currently, in technology preview, Project Watch helps network security and compliance teams continuously observe, assess, and dynamically mitigate risk and compliance problems in composite multi-cloud applications.

Securing the Edge for the Distributed Workforce

In the past two years, enterprise customers have fundamentally changed how they build and deploy networks and access to support distributed workers. The market for secure access service edge (SASE) solutions is expected to nearly triple by 2026. Security is a crucial driver of growth as enterprises strategically invest in the new age of distributed applications and hybrid work, according to the Dell’Oro Group. VMware is now offering additional deployment flexibility to customers who want a multi-phase journey from their current network and endpoint management solutions to a next-generation SASE offering with enhancements to VMware Cloud Web Security.

Engage with StorageReview

Newsletter | YouTube | Podcast iTunes/Spotify | Instagram | Twitter | TikTok | RSS Feed