VMware Takes on Cisco and Palo Alto Networks With Announcement of VMware Service-defined Firewall
VMware is delving deeper into the IT security segment with the unveiling of its Service-defined Firewall product at RSA 2019. The new offering, which focuses on the internal network by validating good application behavior, puts VMware in competition with security giants Palo Alto Networks and Cisco, among others.
VMware is seeking to build on the unique characteristics of its virtualization technology to replace integrated security solutions with what it has termed “intrinsic security.” VMware seeks to focus on known “good assets” as opposed to scanning the universe for unknown threats.
VMware claims the new service can displace other solutions to become customers’ “sole firewall solution for their internal needs.” It goes one step further in an effort to build instant credibility for the Service-defined Firewall by publishing a validation report from Verodin.
VMware’s Service-defined Firewall provides an agentless solution that can be deployed and utilized on bare metal, VM, and container-based environments in the cloud, on premises, or in hybrid cloud environments such as VMware Cloud on AWS. VMware advertises the following product characteristics as differentiators:
- Application Verification Cloud – leverages “machine intelligence” across VMware’s ecosystem of millions of VMs to map out a “good state” of an application.
- Protected From the Guest – agentless capability that enables guest OS inspection to defend against root attacks. Works at run time to “detect and block malicious traffic on the network.”
- Distributed in Software – extends past the traditional method of “hairpinning” traffic from the network through a hardware appliance for scanning, which is inefficient and not easily scalable in complex applications.
VMware appears serious about this latest foray into the enterprise security space. VMware CEO Pat Gelsinger was quoted, “We're the company that makes [cloud infrastructure] okay for our customers, makes it more efficient, scalable, et cetera but we've never until the last couple of years really said, ‘Hey, we can now start changing the security dialogue in a fundamental way.’”
IT security and infrastructure leaders will need to carefully examine the purported capabilities of this new VMware offering before “jumping in” with both feet. Should this solution prove true to VMware’s lofty claims, organizations will have to carefully examine the implications from a cost, licensing, and business operating model perspective. With most IT shops already experiencing increased costs due to being a captive customer of VMware’s virtualization technology, this new offering could serve to increase this vendor lock-in. Additionally, the convergence of network and security functionality will drive the CISO and CIO to work from the same page or risk falling behind in a world less tolerant of security breaches.