VMware is wading more into the IT security market with a software defined strategy that rhymes with how the company approached the data center and network markets.
Pat Gelsinger, VMware’s CEO, will deliver a keynote at the RSA Conference Thursday. RSA and VMware are both owned by Dell Technologies.
Under the strategy, VMware is focusing on securing and defending applications more than infrastructure and aims to shrink attack surfaces. VMware is also launching a “service-defined firewall” that will secure services and software instead of focusing on infrastructure.
The broader theme for IT security is that managing a bevy of services is complex with various vendors as well as agents running inside a company. Toss in virtual machines, public clouds, on-premise infrastructure and apps and security gets complicated in a hurry.
Palo Alto Networks already has begun using its services, data and products as a platform that third parties can build on. There’s also a wide market for security automation and orchestration. Palo Alto Networks recently acquired Demisto for $560 million.
The move toward more security orchestration and automation fits well with what VMware already does with infrastructure. VMware has visibility into applications, networks and the infrastructure stack similar to the way Cisco does.
VMware’s big volley into this security landscape is a new VMware Service-defined Firewall. Using VMware NSX and AppDefense, the Service-defined Firewall aims to model application behavior and automate protection with what it calls “intrinsic security.”
Intrinsic security uses VMware’s virtualization platform to validate good application behavior without the use of installed agents. VMware’s Service-defined Firewall focuses on applications within an enterprise. VMware added that it’ll extend its firewall tools to hybrid clouds and AWS Outposts in the future.
This Service-defined Firewall has the following:
- Application verification based on microservice variations over time. VMware will use machine learning from its deployed virtual machines to build a map of how an app should run.
- Inspections of guest operating systems and applications and stop malicious behavior.
- A distributed approach to track applications across infrastructure and the cloud.