VMware is wading more into the IT security market with a software defined strategy that rhymes with how the company approached the data center and network markets.
Pat Gelsinger, VMware's CEO, will deliver a keynote at the RSA Conference Thursday. RSA and VMware are both owned by Dell Technologies.
Under the strategy, VMware is focusing on securing and defending applications more than infrastructure and aims to shrink attack surfaces. VMware is also launching a "service-defined firewall" that will secure services and software instead of focusing on infrastructure.
RSA: Cyberattack planning is still depressingly poor, even in big businesses | Enterprises lax about mobile security as more threats loom | IBM X-Force Red launches blockchain security service | Phishing alert: One in 61 emails in your inbox now contains a malicious link
The broader theme for IT security is that managing a bevy of services is complex with various vendors as well as agents running inside a company. Toss in virtual machines, public clouds, on-premise infrastructure and apps and security gets complicated in a hurry.
Palo Alto Networks already has begun using its services, data and products as a platform that third parties can build on. There's also a wide market for security automation and orchestration. Palo Alto Networks recently acquired Demisto for $560 million.
The move toward more security orchestration and automation fits well with what VMware already does with infrastructure. VMware has visibility into applications, networks and the infrastructure stack similar to the way Cisco does.
TechRepublic: Employees are the biggest risk to enterprise mobile device security, report says | 3 ways geopolitical attacks could impact your business this year
VMware's big volley into this security landscape is a new VMware Service-defined Firewall. Using VMware NSX and AppDefense, the Service-defined Firewall aims to model application behavior and automate protection with what it calls "intrinsic security."
Intrinsic security uses VMware's virtualization platform to validate good application behavior without the use of installed agents. VMware's Service-defined Firewall focuses on applications within an enterprise. VMware added that it'll extend its firewall tools to hybrid clouds and AWS Outposts in the future.
This Service-defined Firewall has the following:
- Application verification based on microservice variations over time. VMware will use machine learning from its deployed virtual machines to build a map of how an app should run.
- Inspections of guest operating systems and applications and stop malicious behavior.
- A distributed approach to track applications across infrastructure and the cloud.
Free PDF download: A Winning Strategy for Cybersecurity | How to write a good security policy for BYOD or company-owned mobile devices | Download now: Mobile device computing policy (Tech Pro Research)
What to do:
- Research: Employee compliance is the main challenge to implementing cybersecurity strategy
- Five emerging cybersecurity threats you should take very seriously in 2019
- The hacking strategies that will dominate in 2019
- How AI and machine learning can help you defend the enterprise from cyberattacks
- Two cybersecurity myths you need to forget right now, if you want to stop the hackers
- Improve your cybersecurity strategy: Do these 2 things
- Cybersecurity in an IoT and mobile world: The key trends
- Free PDF download: Cybersecurity in an IoT and mobile world
- Infographic: Almost half of companies say cybersecurity readiness has improved in the past year
- Cyberweapons are now in play: From US sabotage of a North Korean missile test to hacked emergency sirens in Dallas
- Five nightmarish attacks that show the risks of IoT security
- Ten best practices for securing the Internet of Things in your organization
- Five pitfalls to avoid in mobile and IoT security