PAM solutions

VMware enhances security capabilities to deal with threats

While VMware is not the biggest name when it comes to cybersecurity, the company continues to enhance its security capabilities. Since acquiring Carbon Black in 2019, VMware has worked on several security offerings catering to their product offering. It’s no surprise that they continue to focus on it, especially with cybercrime still a big threat.

Cybercriminals are finding faster ways to reach their targets today. In fact, a report by VMware Contexa shows that cybercriminals only need to make about two or three lateral moves to reach their target. This is a big worry for organizations, given the increasing amount of technology they are leveraging today as well.

In order to prevent lateral movement, businesses need to have an end-to-end view across their users, devices, networks, apps, and data. Simply put, any lack of visibility could lead to severe consequences as cybercriminals look to exploit organizations.

As such, VMware unveiled several enhanced features for its suite of security solutions to address the increasing sophistication and scale of cyberattacks at the RSA Conference 2023. These enhancements include:

  • DPU-based acceleration using SmartNICs for accelerated VMware NSX
  • VMware Carbon Black Workload and Cloud Configuration for security that’s designed for cloud-native architecture.
  • An Enhanced Firewall Service offering to bring NSX Security capabilities to VMware SD-WAN edge appliances for simplified operations at the enterprise branch.
  • VMware Secure App IX for more secure application connectivity across applications and
  • VMware Workspace ONE updates for phishing and content protection, secure access, and patch

According to Sumit Dhawan, president of VMware, as the cyber threat landscape evolves, organizations will require their infrastructure to play a more active role in protecting their enterprise.

“VMware is deeply committed to driving innovation in infrastructure, delivering enhanced protection against threats of today and tomorrow. I am proud of the innovations we are announcing at the RSA Conference to provide our customers with rich contextual visibility and greater protection against cyberattacks targeting their multi-cloud environments,” added Dhawan.

VMware Security

(Source – Shutterstock)

Improving VMware NSX and the multi-cloud

Taking a deeper look into some of the enhancements, for VMware NSX, businesses can now leverage DPU-based acceleration using SmartNICs. This implementation allows organizations to run NSX networking and security services on DPUs, providing accelerated NSX networking and security performance for applications that need high throughput, low latency connectivity, and security.

VMware also announced new enhancements to VMware NSX Advanced Load Balancer (ALB) to help customers deploy application security faster, at scale, and consistently across all apps and hybrid multi-clouds. VMware NSX ALB also provides a single elastic load balancing solution done entirely in software to help simplify app delivery and security.

For multi-cloud workloads, the introduction of VMware Carbon Black Workload and Cloud Configuration delivers security designed for cloud-native architecture, therefore enabling customers to view security as a continuous process across a workload’s lifecycle. By bringing together the best of VMware Carbon Black Workload and VMware Aria Automation for Secure Clouds, VMware delivers deeper context powered by VMware Contexa to analyze threats, for better visibility on workload posture, stronger compliance, operational ease with fewer false positives and automated workflows, and reduced complexity.

Looking at compliance, a new feature for VMware Carbon Black Workload provides an enhanced way for organizations to evaluate CIS compliance and understand the hardening status of the compute infrastructure in workload environments from the VMware Carbon Black Cloud console. Bringing an in-house benchmarking tool into VMware Carbon Black Workload allows for more flexibility for customers.

Securing workloads

To better protect workloads, VMware Carbon Black Workload introduced a Sensor Gateway for Linux which enables VMware Carbon Black Cloud for air-gapped systems. All communication to and from VMware Carbon Black Cloud is directed through the Sensor Gateway. This additional control helps enterprises keep their workloads secure while further insulating them from Internet traffic, removing the burden of owning, managing, and budgeting for additional proxy servers.

The VMware Secure App IX is a new offering designed to help organizations achieve governance and compliance by more securely connecting applications in multi-cloud environments and enabling application teams and lines of business to accelerate their application and digital innovation initiatives.

VMware Secure App IX provides capabilities that enable organizations to standardize and enforce consistent secure application connectivity policies, with real-time visibility and insights, for governance and compliance across single and multi-cloud environments. This helps to protect application end users, apps/APIs, and sensitive data in transit against ever-changing security threats and vulnerabilities.

Another interesting announcement is the Enhanced Firewall Service offering. This solution brings the power of NSX Security to existing VMware SD-WAN physical and virtual appliances, further strengthening the comprehensive VMware Secure Access Service Edge (SASE) offering. As with all other VMware SASE services, this offering will be integrated into the VMware SASE Orchestrator for simplified operations and obviates the need for separate security management.

VMware Workspace ONE

Lastly, innovations to Workspace ONE span phishing and content protection, secure access, and patch management that will better enable organizations to secure their hybrid workforce. This includes VMware Workspace ONE Mobile Threat Defense which addresses the risk of threat actors sidestepping security controls – including corporate profiles on personal devices – by integrating phishing and content protection with the Workspace ONE platform. Organizations can protect against potential phishing activity across email, SMS, general web content, as well as messaging, and social apps.

There is also VMware Workspace ONE Tunnel which will enable secure access without device management on all major operating systems including iOS and Linux, in addition to Android, macOS, and Windows. Organizations can start the journey to Zero Trust on unmanaged devices by utilizing Tunnel to limit access to specific applications as opposed to exposing full networks, layer on additional authentication leveraging MFA with SAML 2.0, and gain additional insights via Workspace ONE Intelligence.