rvlsoft - Fotolia
VMware security for Cloud Foundation ties to Carbon Black
The new VMware Advanced Security for Cloud Foundation binds the company's security offerings with other key VMware offerings such as Carbon Black and NSX.
VMware has delivered an application suite to make it easier for IT administrators to replace legacy security systems and provide more consistent protection for internal data across public and private clouds.
The new VMware Advanced Security for Cloud Foundation includes the company's Carbon Black security technology, VMware's NSX Advanced Load Balancer with the Web Application Firewall and the NSX Distributed IDS/IPS. All three pieces of VMware security will be integrated with vSphere.
More tightly integrating Carbon Black with vSphere provides users with an "agentless" security platform, according to the company, that eliminates the need to insert an antivirus agent. Consequently, endpoint telemetry is managed through built-in sensors protected by the hypervisor. Another advantage gained is that the hypervisor, from a separate trust domain, can detect attackers trying to gain root access to hack into Carbon Black technology.
The new offerings mark a different approach to security software, driven by the growing sophistication among hackers with significant exploits increasing in frequency targeting the cloud, the edge, newer applications and mobile devices, said Sanjay Poonen, VMware's COO, during an RSA keynote on Wednesday.
VMware's new approach is to focus on technologies that are "built-in, unified and context-centric," and that are intrinsic to users' internal infrastructure. This allows IT shops to better lock down known good behavior of applications, thereby reducing the risk to apps, he said.
Some analysts see the move as a way for VMware to not just offer tighter integration of its security offering with other key pieces of its portfolio but to streamline its security offerings.
"When you look at the Carbon Black acquisition and what they are doing with Cloud Foundation, it's really about providing users with an opportunity to explore new security parameters from the vSphere and Cloud Foundation suite on up," said Stephen Elliot, a program vice president at IDC, a market research company in Framingham, Mass. "They also see this as an opportunity to reduce the number of security tools they offer."
Another analyst agreed it is a smart move to better integrate and streamline its lineup of security offerings but added it would have been a good idea for VMware to lay out how these offerings might accommodate competing virtualization products.
"Anytime you can remove older [security software] and then bring things under one umbrella and one pane of glass is a positive," said Brian Kirsch, an IT architect and instructor at Milwaukee Area Technical College. "But it would have been more ideal if they could roll in a small Hyper-V or KVM-based virtualization."
The new offerings focus largely on all-VMware products, causing some analysts to wonder if they fit in with the direction many IT shops are taking with hybrid and multi-clouds implementations.
Dana GardnerPresident and principal analyst, Interarbor Solutions
"An intrinsic security strategy is perhaps cutting across the grain of what many corporate users are looking at these days," said Dana Gardner, president and principal analyst at Interarbor Solutions LLC in Gilford, N.H. "Deployment models are going toward heterogeneity supporting hybrid and multi-cloud environments from the core data center out to the edge. You don't want to put all your eggs into one vendor's basket for security.''
Kirsch, who uses VMware and is on the VMware User Group Board of Directors, believes VMware provides enough tools and applications to where most users don't need to wander too far outside the company's ecosystem to satisfy their requirements.
"When you look at their infrastructure, it is fairly self-contained with good monitoring and logging tools," Kirsch said. "You have to ask how much a third party can contribute to most companies' security. At the end of the day, a lot of the security for multi-clouds is handled by the cloud provider, such as Amazon shared [responsibility] model."