When it comes to that Data center-based resource protection In a highly distributed world, traditional security hardware and software components cannot reduce it.
According to Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, this is the revenue that companies move to a decentralized digital environment. The idea is that security needs to be placed deep in the infrastructure fabric to protect workloads throughout their lifecycle, Gillis said in an interview. Network world At the company’s VMworld virtual conference.
Read more VMworld News: VMware is preparing for a difficult future; VMware announces new software service for Edge
One way VMware does this is to pack more security features into future releases of core NSX networking software, including better anomaly detection and analytics. NSX supports VMware’s software-defined virtual cloud networking architecture that allows enterprises to build and control network connectivity and security. Data center From WAN to multi-cloud environment.
NSX supports everything from private or public cloud-native applications to bare metal workloads running on multi-vendor hypervisors. It also supports Amazon Web Services, Microsoft Azure, Google Cloud, IBM Cloud network virtualization stacks, and leading Kubernetes container technologies.
Security already included in NSX includes support for configuring network, management, and policy settings across large environments. This NSX federation feature allows customers to create fault-tolerant zones to contain problems and prevent them from spreading throughout the enterprise network.
In addition, VMware NSX Advanced Threat Prevention combines NSX Distributed IDS / IPS with malware detection software and network traffic analysis obtained from Lastline in 2020.
VMware puts software-based sensors, or what traditional network administrators call network test access points (TAPs) across the enterprise, into its suite of security features to manage traffic patterns and network performance data. We are adding a function to feed back to. Gillis said.
“Traditional network tapping is difficult and tedious for IT and is not a great way to see what’s happening in a virtual environment,” Gillis said. “With NSX and the hypervisor, you can perform this network discovery on the hypervisor without using TAP and see everything.”
Closely related to deep NSX security is the Tanzu Service Mesh technology developed by VMware. The Tanzu Service Mesh upgrade announced at VMworld will give enterprise security teams and app developers a better understanding of when, where, and how APIs communicate, even between multi-cloud environments. This is part of VMware’s ongoing efforts to protect APIs throughout the application lifecycle.
“Traditional applications built with a three-tiered web approach only wrap each part in security. That’s it. Each container-based application has 3,000 different parts, each with its own API. Can be poked by those who are trying to abuse them.
“Tanzu ServiceMesh gives customers an accurate image of all the internal behavior of how the application is being used, allowing users to find anomalies and segment bad ones. Basically, understand the content. Place a traffic police officer between all the container flows to do. Response time. And if you don’t like what it sees, don’t let it pass. “
The Services Mesh includes open source Envoy support, an application layer technology that helps manage microservices-based applications. “This helps us to configure very powerful packages for managing modern applications and APIs,” Gillis said.
VMware has announced an NSX service that adjusts the network and security infrastructure at the edge of the data center or cloud as application traffic changes. This elastic application security edge (EASE) includes an NSX load balancer and a distributed firewall to provide central control and support for any environment, Gillis said.
“This kind of resilience is needed for automation. This is how the public cloud works. It can be scaled up and down.” The news here is expected to be the industry’s first and most powerful enterprise security tool. Is to support scaling of firewall services. “
Copyright © 2021 IDG Communications, Inc.
VMworld 2021: VMware packs more security into NSX
Source link VMworld 2021: VMware packs more security into NSX