VMware builds out intrinsic security strategy with VMworld announcements

The importance of recently-acquired Carbon Black to this vision was stressed, with Dell also announcing that Carbon Black is now the preferred endpoint security solution for Dell.


Today at VMworld 2019 Europe in Barcelona, VMware made a flurry of security announcements. The company emphasized that the unifying thread among them is advancing its vision of intrinsic security, making it more automated, proactive and pervasive across the entire distributed enterprise. Central to this is newly acquired Carbon Black.

Patrick Morley, the new GM and SVP of VMware’s Security Business Unit, who had been the CEO of Carbon Black, emphasized the growing importance of intrinsic security in a media briefing around the announcements.

“I spent twelve years at Carbon Black, and partnered with VMware over the last two,” Morley said. “I decided to join VMware because security really needs to be intrinsically built into the stack. Adding it on afterwards is more challenging.”

VMware had some capabilities in endpoint security before this acquisition, but Morley emphasized that with 6000 customers globally and 1100 employees, Carbon Black brings a much stronger presence in the endpoint marketplace.

Tom Gillis, SVP and GM of Network Security at VMware, detailed how VMware sees this endpoint security fitting into the larger concept of intrinsic security.

“The notion of intrinsic security gets confused with integrated security,” he said. “With intrinsic security we are talking about fundamentally rethinking how security is done.” The idea is to fundamentally shrink the attack surface across clouds, data centres, end users, and the enterprise edge.

“Carbon Black is central to this because it provides a cloud-native endpoint protection platform, which allows us to analyze a trillion security events a day on it,” Gillis said. “VMware has had tremendous success focusing on firewall micro-segmentation with NSX, so that we are now increasingly viewed as a security company. Carbon Black really solidifies that in the eyes of our customers.”

The further leveraging of Carbon Black begins with the announcement of an enhanced partnership with Dell.

“Carbon Black is now the preferred endpoint security solution for Dell,” Gillis stated. Along with Dell Trusted Devices and Secureworks, Carbon Black will be offered to Dell commercial customers as Dell’s preferred endpoint security solution, and will be available directly ‘on-the-box’.

On the NSX side, VMware also announced new NSX Distributed Intrusion Detection [IDS] and Prevention [IPS] solutions, and new VMware NSX Federation for consistent, centralized network and security policy configuration and management for large-scale NSX deployments.

“When we think about security up front we can design it in, and the same thing is true when it comes to infrastructure,” Gillis said. “With VMware and virtualization, we have the ability to re-imagine the firewall, to break it up literally into thousands of software-defined pieces and move them out to the edge of the infrastructure. We are now taking that same approach to IDS and IPS. We are pushing software out to capillaries of the data centre. Before, with all the rules, you needed a black box, and would run rules on other servers. That created false positives and perception of noisy environment. This approach is inherently elastic. Breaking security policies into little chunks and applying them is critical in a container-based world.

“On the Workspace ONE side, we are also announcing a Zero Trust announcement, with a Trust Network for Workspace ONE Intelligence, using our threat network API to provide customers with an understanding of what’s happening across the ecosystem,” Gillis added. The Zero Trust architecture outlines how to bring together device management and compliance, conditional access, app tunnel and proxy, risk analytics, and automated remediation and orchestration into a Zero Trust security model.

Gillis then explained how all of this fits into VMware’s intrinsic security strategy.

“We have one of the strongest network security solutions now, combined with one of the strongest endpoint ones with Carbon Black,” he said. “We are moving beyond the obvious problems of micro-segmentation into stolen credential attacks, with Layer 7 inspection of traffic.”

Gillis said so much more can now be done with security being turned into software.

“In the old days, we relied on dedicated hardware and we would have to hairpin traffic to these services,” he stated. “Those traditional hardware-based appliances are now all being defined in software with scale-out properties.

“Analytics is one of the last pieces of the puzzle,” Gillis concluded. “We are taking this capability and pushing it to multiple data centres around the world, to create a very easy to administer solution for complex infrastructures. We are announcing a new approach to this on a global basis.”

Other VMware security announcements included a momentum release on the rapid advancement of VMware Tanzu, a new portfolio of products and services designed to transform the way enterprises build, run and manage software on Kubernetes. This included a new beta program for both Project Pacific and VMware Tanzu Mission Control.

VMware also announced a new VMware Cloud Native Master Services Competency for partners. It will equip partners to architect a Kubernetes-based platform supported by complementary technologies from the cloud native ecosystem for continuous delivery of applications. This new competency builds upon the VMware PKS Solution Competency framework introduced in February 2019 to provide partners with the capabilities to offer VMware PKS to their customers.