Menu
VMware amps security with in-house, Carbon Black technology

VMware amps security with in-house, Carbon Black technology

VMware's Carbon Black platform, along with VMware NSX, VMware Workspace ONE, VMware Secure State and future innovations, will deliver built-in security to networks, endpoints, workloads, identity\ies, cloud and analytics

Pat Gelsinger (VMware)

Pat Gelsinger (VMware)

Credit: VMware

VMware is moving quickly to meld its recently purchased Carbon Black technology across its product lines with an eye toward helping users protect their distributed enterprises.

VMware just closed the $2.1 billion buy of cloud-native endpoint-security vendor Carbon Black in October and in the process created a new security business unit that will target cyber security and analytics to protect networked enterprise resources.

“The Carbon Black platform, along with VMware NSX, VMware Workspace ONE, VMware Secure State and our future innovations, will deliver a highly differentiated intrinsic security platform across network, endpoint, workload, identity, cloud and analytics," VMware said upon closing the deal.

Indeed that’s a significant part of the security direction the company has started moving.

VMware this week announced a slew of new Carbon Black security options, including Carbon Black Endpoint Standard, Advanced and Enterprise packages, which depending on which version the customer needs, include antivirus, endpoint protection as well as advanced threat hunting and incident response support.

Threat hunting lets customers watch for abnormal activity in their networks and use threat intelligence and custom watchlists to augment and automate the search.

Another package, Carbon Black workload protects cloud workloads in the vSphere realm. And finally VMware Workspace Security which is a package that combines Carbon Black and VMware products for behaviour threat detection, antivirus, and digital workspace analytics and remediation.

Also part of the security announcements was the fact that Dell will preload Carbon Black Cloud, along with Dell Trusted Devices and Secureworks to make it the strategic endpoint security package for Dell commercial customers.

The enhanced partnership will bring Carbon Black’s advanced, next-generation endpoint protection to businesses of all sizes directly on-the-box, wrote Patrick Morley, former CEO for Carbon Black, now the general manager for VMware’s Security Business Unit in a blog about the Dell announcement.

“We now have the opportunity to work together and further expand our collective ability to keep worldwide customers protected from advanced cyberattacks."

The goal is to deliver intrinsic security through a wide-ranging portfolio of products spanning the critical control points of security: network, endpoint, workload, identity, cloud, and analytics, VMware stated.

“Because we’re built-in, we’re everywhere apps, devices, and users reside. This gives us a unique vantage point to be informed about what’s happening in a customer’s environment. With this knowledge, we can be proactive in hardening customers’ environments to better prevent threats.”

The new VMware Carbon Black Cloud offerings are expected to be available before September of 2020.

The other component of VMware’s security strategy is making its own core network software – NSX –  fundamentally more protected.

The company said NSX will now include distributed intrusion detection and prevention (IDS/IPS) support that will let customers match IDS/IPS signatures to specific parts of an application and let them micro-segment their networks based on specific service traffic.

NSX Distributed IDS/IPS in combination with VMware Service-defined Firewall with will let customers micro-segment their networks and block internal traffic that might be using stolen credentials or compromised machines.

VMware says its Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into the NSX network management software, vSphere hypervisors and AppDefense threat-detection system.

“East-west traffic control is the new security battleground,” said Tom Gillis VMware's senior vice president and general manager of its networking and security business.

“Microsegmentation can stop the obvious problems but we’ll be doing Layer 7 inspection of traffic and going beyond the obvious – we can read traffic and look for less obvious things like [ransomware worm] WannaCry and stop that.”

The company also said it was bringing a new feature to NSX that would let customers with distributed NSX instances manage security and more easily generate and support security policies.

The feature, NSX Federation, will let users set security policies in one location and distribute and enforce them around the world, Gillis said. The Federation feature makes use of NSX Intelligence, the company’s a distributed analytics engine to analyse workload traffic and generate security policies that can then be distributed as the customer needs.

Experts say the new NSX security features will help customers more effectively secure environments that are more distributed and cannot depend on traditional perimeter-based security systems.

“Administering security in a widely distributed system can be a huge challenge and VMware is beginning to address that issue,” said Lee Doyle, principal analyst with Doyle Research. “Customers can choose what security levels or policies to implement in different parts of their network.”

NSX Federation will be part of a future release of the VMware NSX platform and NSX Distributed IDS/IPS will be added when made generally available. Both are in beta today.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags VMwareCarbon Blacksecurity

Brand Post

How to become the best IT MSP

This article provides guidance for managed service providers (MSPs) that want to grow their business. It is also useful for any IT service provider looking to move from the break-fix model to managed IT services.

Featured

Slideshows

Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
Show Comments