VMware network security improves with AppDefense launch
Bloggers examine AppDefense -- a new VMware network security offering -- and look into synchronizing BGP and OSPF, as well as the capabilities of new Savvius analytics.
Jon Oltsik, an analyst with Enterprise Strategy Group Inc. in Milford, Mass., discussed VMware's launch of AppDefense at its annual VMworld conference. The new VMware network security offering works on the application layer, profiling apps and determining a baseline for normal behavior.
According to Oltsik, the new VMware network security system blurs the line between blacklisting and whitelisting. Rather than relying on one or the other, it weaves in automation and machine learning to discover apps, monitor behavior, and enable cybersecurity teams to set up rules and protocols.
In Oltsik's view, AppDefense helps remedy the cybersecurity skills shortage, shifts security closer to app development, and is built for integration and interoperation at organizations with varying needs. IBM and Carbon Black have helped launch the product as partners.
"VMware has some work ahead. AppDefense will likely take a while to gain broad market penetration as organizations figure out how to use it, where to deploy it, and what other application [and] compute-based security tools are needed to complement it," Oltsik wrote. He said the new VMware network security tool would likely be successful as a complement to NSX, which already brings in $1 billion a year in sales.
Read more of Oltsik's thoughts on VMware.
How to synchronize BGP and OSPF
Ivan Pepelnjak, blogging in ipSpace, responded to a question from a colleague about synchronizing Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF). The engineer imagined a situation where a router crashes, leading to a change in routing tables. When the router that crashed comes back online, a temporary traffic block occurs as BGP sessions are being re-established. According to Pepelnjak, the big question should be: How does a router know when a BGP routing process has converged?
Pepelnjak said convergence is seen as having taken place when a BGP keepalive message is received from all peers. To overcome the slowdowns resulting from this situation, Pepelnjak recommended turning the BGP-OSPF synchronization effort into a Label Distribution Protocol-OSPF synchronization project by deploying MPLS forwarding in a BGP-free core. Other options include setting up a BGP-only network, although this can run into convergence issues, or using a BGP-free core along with MPLS forwarding for segment routing as an alternative to Label Distribution Protocol.
Explore more of Pepelnjak's thoughts on synchronization.
Savvius launches new analytics appliance
Drew Conry-Murray, writing in Packet Pushers, reviewed Savvius' launch of its new Spotlight analytics appliance. The new troubleshooting appliance relies on real-time traffic-flow analysis to help network admins spot potential network and application latency problems.
The appliance also supports voice over IP and TCP performance monitoring, with a user interface that reports the worst-performing sections of the network. The tool is designed to support real-time and post-event forensics, and it's deployable as a 1U stand-alone appliance or running alongside the vendor's Omnipliance Ultra packet capture devices.
Conry-Murray said it makes sense for Savvius to expand its portfolio for situations where full-packet analysis may be unnecessary.
"The UI I saw in a demo looks clean and sensibly arranged, and customers can easily drill in from the main screen to get more details on a particular network segment, source/destination addresses, protocols, and other key information," Conry-Murray wrote. "Spotlight also enables Savvius to push back against competitors such as ExtraHop, which touts its real-time analytics based on packet metadata as a key differentiator," he added.
Dig deeper into Conry-Murray's thoughts on Savvius Spotlight.