After a pandemic, VMware, like others, saw the obvious: remote access to applications, be it in corporate data centers, in public and private clouds, on the edge of the network, or in those provided by operators, exploded. And with it the attacks (+ 150% between February and March 2020, according to a study by VMware and Carbon Black). “We believe that we will continue to work in a distributed manner even after the end of the pandemic. The employees work from home, in the office or elsewhere. Securing this new breed of workforce is critical, ”said Rajiv Ramaswami, chief operating officer for products and cloud services at VMware. And that from a growing number of terminals, professionally or privately. “Our job is to manage the right connection to these applications to keep them safe, no matter where they’re running and from any terminal,” he sums up.
Continuation of the following article, Place au zero-trust
Regarding SD-WAN (which VMware essentially derives from Velocloud, which was acquired in 2017), VMware offers a SASE architecture (Secure Access Service Edge, under the acronym Gartner). This service unifies access from a corporate office, from a shared workspace, or from home by applying a zero trust policy and reducing the attack surface. In short, a trusted architecture is more efficient than VPNs when the applications are not on the corporate website. “We have 150 PoPs (Points of Presence) around the world that connect our 2,700 service nodes, where most of the offices and users are located, and the data traffic goes through these SASE architectures,” emphasizes Rajiv Ramaswami.
VMware has partnered with VMware, and VMware SASE specifically embeds the Menlo Web Rendering Offset Gateway (secure browser) marketed as a service. VMware has also partnered with Zscaler to secure web access. Finally, the solution also integrates the next-generation VMware NSX firewall (level 7). Note that SASE solutions are not VMware’s prerogative. Cisco recently introduced a similar architecture, Secure Remote Workforce Solutions.
Soot in the hypervisor
A little over a year ago, VMware acquired Carbon Black for more than $ 2 billion. The first integrations with VMware products appear with VMware Carbon Black Workload, an agentless solution – the carbon black technology is integrated directly into the hypervisor – for virtual machines. “We can’t get any closer to the application than at this level,” says Eric Marin, VMware technical director. In particular, it relies on machine learning technologies. “We build carbon black in vSphere to secure workloads. The administrator has visibility to identify risks and harden workloads, detect, prevent, and remediate attacks and really simplify administration. This service will be available free of charge to every vSphere customer in six months ”, promises Rajiv Ramaswami.
In terms of security, and following another acquisition – Lastline’s last June – VMware NSX brings new security features. As a reminder, “Lastline is an expert at finding network threats, especially in the SMTP protocol, and understanding how a threat spreads,” recalls Tom Gillis, SVP / GM, Network and Security Business Unit. at VMware. Lastline uses monitored and unsupervised learning models for this.