Home Applications VMware Transforms Security for Applications Running on VMware vSphere-Based Virtualized and Cloud Environments

VMware Transforms Security for Applications Running on VMware vSphere-Based Virtualized and Cloud Environments

0
VMware Transforms Security for Applications Running on VMware vSphere-Based Virtualized and Cloud Environments
0

VMware AppDefense Moves the Industry Towards a Security Model That’s Intrinsic, Intent-Based, and Application-Focused

Today at VMworld® 2017, VMware, Inc. (NYSE: VMW) announced its breakthrough solution for securing applications running on virtualized or cloud environments – VMware AppDefense™. This new security solution leverages the virtual infrastructure to monitor running applications against their intended state, and can detect and automate response to attacks that attempt to manipulate those applications. Additionally, integrations with third-party solutions will enable a partner ecosystem to leverage VMware’sAppDefense unique application visibility and response orchestration.

“The growing frequency and cost of security incidents points to a fundamental flaw in security models that focus solely on chasing threats,” said Tom Corn, senior vice president, security products at VMware. “AppDefense delivers an intent-based security model that focuses on what the applications should do – the known good – rather than what the attackers do – the known bad. We believe it will do for compute, what VMware NSX™ and micro-segmentation did for the network; enable least privilege environments for critical applications.”

An intent-based security model is made possible through:

  • Increased use of automation in application and infrastructure provisioning
  • Use of application frameworks that provide richer and more authoritative views of intended state
  • Application of machine learning that enables the ability to reason about state and behavior across large populations
  • Increased use of virtualization and cloud, which provides greater application context and isolation

Leveraging VMware vSphere® gives AppDefense several unique capabilities. First, it’s in a unique position to see rich application context; both run state and provisioned state. Second, it can leverage the hypervisor to create a protected zone from which to store intended state and monitor runtime behavior. Third, it can leverage vSphere and NSX to automate and orchestrate response. The result is that AppDefense can significantly reduce the attack surface, making threat identification and response more efficient, and creating a more agile DevOps-friendly model for security.

“A security model concentrating on appropriate application behavior can help shrink the attack surface and improve the ability to pinpoint real threats,” said Jon Oltsik, senior principal analyst and the founder of ESG’s cybersecurity service. “With this focus on intended state behavior, AppDefense offers a productive alternative to traditional application and endpoint security. In this way, VMware AppDefense is shifting the focus from simply securing the virtual infrastructure, to using vSphere capabilities as creative enhancements to applications and infrastructure security.”

“Signature-based defenses alone are proving to be increasingly ineffective at preventing modern malware threats,” said Christopher Frenz, director of infrastructure and head of security, Interfaith Medical Center. “Effectively combating malware requires a defense in depth approach such as that laid out in the OWASP Anti-Ransomware Guide. Application whitelisting and network segmentation are a key part of any such defense in depth strategy, and are capabilities that VMware AppDefense and NSX help bring to the table.”

AppDefense enables customers to improve the effectiveness of existing security controls. Endpoint security, security information and event management (SIEM) and Security Operations Center Analytics are able to integrate with AppDefense to gain unique application context, leverage the virtual infrastructure for remediation, and protect their own position on the endpoint. Managed Security Service Providers (MSSPs) are able to build new data center and cloud security offerings around AppDefense. Initial partners for AppDefense include:

  • IBM Security : AppDefense plans to integrate with IBM’s QRadar security analytics platform, enabling security teams to understand and respond to advanced and insider threats that cut across both on-premises and cloud environments like IBM Cloud. IBM Security and VMware will collaborate to build this integrated offering as an app delivered via the IBM Security App Exchange, providing mutual customers with greater visibility and control across virtualized workloads without having to switch between disparate security tools, helping organizations secure their critical data and remain compliant.
  • RSA : RSA NetWitness Suite will be interoperable with AppDefense, leveraging it for deeper application context within an enterprise’s virtual datacenter, response automation/orchestration, and visibility into application attacks. RSA NetWitness Endpoint will be interoperable with AppDefense to inspect unique processes for suspicious behaviors and enable either a Security Analyst or AppDefense Administrators to block malicious behaviors before they can impact the broader datacenter.
  • Carbon Black : AppDefense will leverage Carbon Black reputation feeds to help secure virtual environments. Using Carbon Black’s reputation classification, security teams can triage alerts faster by automatically determining which behaviors require additional verification and which behaviors can be pre-approved. Reputation data will also allow for auto-updates to the manifest when upgrading software to drastically reduce the number of false positives that can be common in whitelisting.
  • SecureWorks : SecureWorks is developing a new solution that leverages AppDefense. The new solution will be part of the SecureWorks Cloud Guardian™ portfolio and will deliver security detection, validation, and response capabilities across a client’s virtual environment. This solution will leverage SecureWorks’ global Threat Intelligence, and will enable organizations to hand off the challenge of developing, tuning and enforcing the security policies that protect their virtual environments to a team of experts with nearly two decades of experience in managed services.
  • Puppet : Puppet Enterprise is integrated with AppDefense, providing visibility and insight into the desired configuration of VMs, assisting in distinguishing between authorized changes and malicious behavior.

Partner Commentary

“As attacks become more sophisticated, it’s more important than ever for security analysts to have full visibility into potential security incidents at every layer of their IT infrastructure, both on-premise and in the cloud. The direct integration of AppDefense with IBM Security technologies will allow additional analysis of this data by Watson for Cyber Security, which can provide analysts with a clearer understanding of the scope of advanced attacks. It can also help bridge the gap between IT operations and security teams, allowing them to orchestrate incident response and quickly take action to defend their organization.” – Marc van Zadelhoff, general manager, IBM Security

“VMware’s new AppDefense solution arms administrators to take positive control on what’s really running within their virtual datacenter – exactly what is needed in today’s challenging threat landscape. RSA is excited to work with VMware to combine the unique threat detection and response capabilities of RSA NetWitness Suite with AppDefense to enable enterprises to protect against the next wave of emerging attacks.” – Grant Geyer, senior vice president of products, RSA

“Securing virtual environments has become a critical imperative. With the combination of Carbon Black and AppDefense, security teams can leverage innovative solutions to effectively lock down applications in software defined data centers.” – Patrick Morely, chief executive officer, Carbon Black

“SecureWorks’ position in the MSSP market has been driven by the ability to deliver the best results in protecting our clients’ infrastructure. That requires richer visibility and context into the applications and data most critical to our customers. We will be delivering a new managed solution that leverages AppDefense for precisely that reason.” – Matt Eberhart, vice president of global product management, SecureWorks

“We’re excited to be one of VMware’s inaugural partners for AppDefense. Puppet Enterprise integrated with AppDefense enables security professionals to easily collaborate with operations teams to make security pervasive in the application development cycle, instead of the traditional practice of bolting security on at the end. This makes applications more resilient to attacks and enables DevOps practices to extend to security teams.” – Nigel Kersten, chief technical strategist, Puppet

Pricing and Availability

VMware AppDefense is initially available today in the U.S. for customers using VMware vSphere 6.5. AppDefense is priced as a subscription at USD $500 MSRP per CPU per year. Visit http://cloud.vmware.com

Additional Resources

About VMware Cloud
VMware Cloud™ gives customers maximum flexibility to select the best cloud environment to deploy and run applications on any device, with the ability to leverage development platforms and building blocks for new applications — while also maintaining consistent operations that help ensure the integrity of the entire IT portfolio. VMware Cloud provides the essential software foundation that delivers a common operating environment spanning on-premises data centers and leading public/managed clouds. VMware Cloud delivers the optimal environment for all applications: custom-built applications, packaged apps, virtualized, cloud-native and SaaS. VMware Cloud creates an ideal environment for building, testing and deploying production applications and is supported by a broad ecosystem of partners.

About VMware
VMware, a global leader in cloud infrastructure and business mobility, helps customers realize possibilities by accelerating their digital transformation journeys. With VMware solutions, organizations are improving business agility by modernizing data centers and integrating public clouds, driving innovation with modern apps, creating exceptional experiences by empowering the digital workspace, and safeguarding customer trust by transforming security. With 2016 revenue of $7.09 billion, VMware is headquartered in Palo Alto, CA and has over 500,000 customers and 75,000 partners worldwide.

Categories:
VMware VMware is the leader in virtualization and cloud infrastructure solutions that enable businesses to thrive in the Cloud Era. Customers rely on VMware to help them transform the way they build, deliver and consume Information Technology resources in a manner that is evolutionary and based on their specific needs. With 2013 revenues of $5.21 billion, VMware has more than 500,000 customers and 75,000 partners. The company is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close