VMware is launching new security capabilities to help bring strong lateral security across multi-cloud environments to give organizations more visibility into threats, including new IT phishing protections and IT management features in Workspace ONE, new features for Carbon Black, an enhanced firewall service, and more.
DPU-based Acceleration
Highlighting the company’s announcement on the first day of the RSA Conference are features to help strengthen lateral security for multi-cloud environments, including a DPU-based acceleration using SmartNICs. According to the company, this allows customers to run NSX networking and security services on DPUS, providing accelerated NSX networking and security performance for applications that need high throughput, low latency and security.
According to VMWare, DPU-based accelerated was previously only available as a tech preview but is now generally available with VMWare NSX 4.1. Included are new enhancements to VMware NSX Advanced Load Balancer to help organizations deploy application security faster and at scale across all apps and hybrid multi-clouds. The solution also provides a single elastic load balancing solution done entirely in software as well as a new VMware NSX Advanced Load Balancer Pulse service that now includes a live threat intelligence feed, a central dashboard and the ability to build custom dashboards with API support.
New Workspace ONE Security features for phishing protection, secure access, patch management
The Palo Alto, Calif.-based IT giant also announced new features in unified endpoint management solution Workspace ONE designed to secure hybrid workforces. These new features include phishing and content protection, secure access and patch management capabilities.
Phishing and content protection capabilities will be integrated into the platform via Mobile Threat Defense, which provides phishing protections across email, SMS, general web content and messaging and social apps. Protections are applied to all traffic, both external and internal, via an integration with Workspace One Tunnel, the company says.
In addition, VMware Workspace ONE Tunnel will enable secure access without device management on all major operating systems, including iOS, Linux, Android, macOS and Windows. This enables zero trust protection on unmanaged devices by leveraging Tunnel to limit access to specific applications. Organizations can also layer on additional authentication leveraging MFA with SAML 2.0 and gain insights via Workspace ONE Intelligence.
VMware is also expanding the cloud-native patch management capabilities of Workspace ONE, with new features including an updated data-driven user interface that dynamically updates patch management controls independent of console releases and new device equerry and sampling capabilities via Intelligent Hub that facilitate direct data collection and evaluation to inform update plans.
VMware Carbon Black Workload and Cloud Configuration
The company is also introducing VMware Carbon Black Workload and Cloud Configuration to help address the issue of rapid cloud migrations and keeping those environments secure.
According to VMware, VMware Carbon Black Workload and Cloud Configuration delivers security designed for cloud-native architecture and enables customers to view security as a continuous process across a workload’s lifecycle.
The solution combines VMware Carbon Black Workload and VMware Aria Automation for Secure Clouds and leverages VMware Contexa to analyze threats and provide better visibility on workload posture, compliance, automated workflows and reduced complexity.
A new feature in VMware Carbon Black Workload provides an enhanced way for organizations to evaluate CIS compliance and understand hardening status of the compute infrastructure in workload environments from the VMware Carbon Black Cloud console, the company says.
In addition, VMware is introducing a Sensor Gateway for Linux in VMware Carbon Black Workload that enables VMware Carbon Black Cloud for air-gapped systems. This directs all communication to and from VMware Carbon Black Cloud through the Sensor Gateway, an additional control that helps organizations keep workloads secure while insulating them from internet traffic while helping them pass compliance audits.
VMware Secure App IX
Also new is VMware Secure App IX, a new offering designed to help organizations achieve governance and compliance by more securely connecting applications in multi-cloud environments. This is aimed at helping application teams and lines of business accelerate digital innovation initiatives by providing capabilities to standardize and enforce consistent secure application connectivity policies.
With real-time visibility and insights, this new offering helps protect application end users, apps/APIs and sensitive data in transit, according to VMware.
Enhanced Edge Firewall
VMware is also releasing its Enhanced Firewall Service offering, which the company says brings NSX Security capabilities to existing SD-WWAN physical and virtual appliances. Like other VMware SASE services, this too will be integrated into the VMware SASE Orchestrator for simplified operations.
This also allows customers to eliminate legacy firewalls at the branch and benefit from simplified networking and security operations while leveraging VMware’s investments in threat intelligence, the company says.
