VMware moved further into the security space today with a multi-cloud security product called Secure State. It’s based on technology that VMware acquired when it bought public cloud security startup CloudCoreo last year.
Secure State is available from CloudHealth by VMware. Six months after the CloudCoreo acquisition, VMware acquired multi-cloud management startup CloudHealth, which has become the cornerstone of VMware’s multi-cloud strategy and has 5,000 customers.
The vendor has since been working to integrate the two products, uniting multi-cloud management and security, said Jason Needham, head of product for Cross-Cloud Services at VMware. And to this end, Secure State is “key for mutli-cloud management and key for shaping our security strategy,” Needham explained.
VMware launched a beta version of Secure State in August 2018, and today it supports “thousands of production cloud accounts” across Amazon Web Services (AWS) and Microsoft Azure, he said. The vendor plans to add Google support “in the near term,” followed by Kubernetes environments, and VMware Cloud on AWS. “Ultimately we want to make sure that we give organizations a solution that works across all of their cloud environments,” he added.
The new product uses what VMware calls an “interconnected cloud security model,” which is an intermediate data layer that leverages cloud APIs, change events streams, and native threat data to provide a better understanding of security posture vulnerabilities, how different assets are interconnected, and the associated risks and threats across multiple clouds.
In addition to monitoring these cloud accounts, Secure State helps customers understand cloud deployments and risks by “building a relationship mode of how all these services are configured to connect inside of your cloud accounts,” Needham said. The product also automates cloud compliance monitoring, “and then we layer a risk model on top that correlates” vulnerabilities and threats, he said. Additionally, it provides DevOps teams with these security insights in real time.
It also integrates with other security, monitoring, and analysis companies including Splunk, Dell Secureworks, and RSA, among others.
VMware’s Security Strategy
Ultimately, Secure State advances VMware’s security strategy, which CEO Pat Gelsinger outlined in a keynote at the RSA Conference earlier this year, Needham said. VMware also unveiled an internal firewall it calls a Service-defined Firewall at the annual security mega event — signaling its intent to become a larger player in the security space but with a twist. VMware’s strategy focuses on “intrinsic security,” which takes advantage of the attributes that are built into its virtualization platform.
“Customers are really struggling with the cost to keep up with cyberthreats and manage their risks,” Needham said. “Security is a dimension to what we do, but we also provide the core systems — cloud, management tools. As much as we can we want to help our customers integrate and back in security form the start.” This includes infusing security into its networking portfolio using NSX’s microsegmentation capabilities as well as adding in application security with AppDefense, VMware’s first standalone security product, and now cloud infrastructuresecurity with Secure State.
On the data center side, NSX and microsegemntation “helps customers create these almost application-defined networks” by setting policy about what applications can and cannot talk to each other,” Needham said.
“Then AppDefense essentially fingerprints positive application behavior and leverages our position on the host to bake that security in,” he said. “And Secure State adds the environmental checks and the cloud infrastructure insight, so when you are running those application and networks on public cloud you aren’t blind to the infrastructure vulnerabilities you may have. It’s really a focus from applications to containers, to network segmentation, to cloud infrastructure.”
Another Multi-Cloud Acquisition
The new security product also comes less than a week after VMware announced plans to acquire Avi Networks, a software company that provides multi-cloud application delivery services. Avi’s platform includes a software load balancer, web application firewall (WAF), analytics and monitoring, and a universal service mesh. VMware plans to integrate this technology with its NSX networking and security portfolio.
“Both Avi Networks and Secure State support VMware’s mission to revolutionize how companies are addressing their hybrid cloud, multi-cloud and modern apps strategies – they are complementary, and both support our cloud strategy,” Needham said.
- Breaking: Intent to Acquire CloudHealth Technologies to Provide Multi-Cloud Operations at Global Scale
- VMware talks up multi-cloud era, need to transform security
- VMware to Acquire Bitnami to ‘Accelerate Multi-Cloud and Kubernetes Offerings’
- VMware CTO Talks ‘Game Changing’ New Cloud Management Tech