Comprehensive Software Reviews to make better IT decisions
VMware Takes on Cisco and Palo Alto Networks With Announcement of VMware Service-defined Firewall
VMware is delving deeper into the IT security segment with its recent announcement at RSA 2019, unveiling its Service-defined Firewall product. VMware will be competing with security giants Palo Alto Networks and Cisco, among others, to introduce the new offering that focuses on the internal network by validating good application behavior.
VMware is seeking to build on the unique aspects and characteristics embodied in its virtualization technology to replace integrated solutions with what it has termed “intrinsic security” vs. integrated security solutions. VMware seeks to focus on known “good assets” as opposed to scanning the universe for unknown threats.
VMware claims the new service can displace other solutions to become the “sole firewall solution for their internal needs.” They go one step further in an effort to build instant credibility for the Service-defined Firewall via the publication of a validation report from Verodin.
VMware’s Service-defined Firewall provides an agentless solution that can be deployed and utilized on bare metal, VM, and container-based environments in the cloud, on premises, or in hybrid cloud environments such as VMware Cloud on AWS. VMware advertises that this solution is a differentiator based on the following product characteristics:
- Application Verification Cloud – leverages “machine intelligence” across VMware’s ecosystem of millions of VMs to map out a “good state” of an application.
- Protected From the Guest – agentless capability that enables guest OS inspection to defend against root attacks. Works at run time to “detect and block malicious traffic on the network.”
- Distributed in Software – extends past the traditional methods of “hairpinning” traffic from the network through a hardware appliance scanning, which is inefficient and not easily scalable in complex applications.
VMware appears serious about this latest foray into the enterprise security space. VMware CEO Pat Gelsinger was quoted, “We're the company that makes [cloud infrastructure] okay for our customers, makes it more efficient, scalable, et cetera but we've never until the last couple of years really said, ‘Hey, we can now start changing the security dialogue in a fundamental way.’”
IT security and infrastructure leaders will need to carefully examine the purported capabilities in this new VMware offering before “jumping in” with both feet. Should this solution prove true to VMware’s lofty claims, organizations will have to carefully examine the implications from a cost, licensing, and business operating model approach. With most IT shops already experiencing increased costs due to being a captive customer of VMware’s virtualization technology, this new offering could serve to increase this vendor lock-in. Additionally, the convergence of network and security functionality will drive the CISO and CIO to work off the same page or risk falling behind in a world less tolerant of security breaches.
Want to Know More?
Quest Software has announced its newest updates, KACE SDA 7.0 and KACE SMA 9.1, which enhance their features, apply Linux scripted installs, and automate systems management.
Puppet has rolled out Remediate. This release aligns with the ongoing consolidation between IT Operations and IT Security.
Avaya’s newly released firmware addresses a vulnerability that has survived for 10 years in VoIP phone models configured with H.323 signaling.
Ayehu is working to bridge the gap between IT Operations and Security Operations. We expect to see more vendor product offerings follow suit.
A hacker has compromised 106 million Capital One customers after a data breach. But the real story might be less to do with cloud security itself and more to do with Capital One’s own security engine for cloud services.
Rundeck markets itself as an enabler of self-service IT operations. This marketing strategy aligns with the transition of IT operations from order-takers to engineers. But organizations must change their way of working to make self-service successful.
ServiceNow and Microsoft Partnership: Great for ServiceNow and Microsoft Customers, Great for Vendor Lock-In
ServiceNow and Microsoft are furthering their partnership by hosting the Now platform in the Azure-trusted cloud. These features and integrations are powerful, but comes at the price of vendor lock-in.
Apple has delivered a silent update to Macs, rectifying a security flaw in its Zoom web-conferencing service.
Cyberattacks are terrible and require the same dedication to overcome them as would any other disaster response effort. Just like natural disasters, cyberattacks cause millions of dollars in damage, disrupt infrastructure, and impede citizens from their daily lives.