At this week’s VMware Explorer 2022, the company revealed many improvements to its NSX SDN and Carbon Black security systems, including a centralized cloud Console for networking and security in a hybrid, multi-cloud setting.
“Project Northstar will be the hub that allows you to create seamless and secure connectivity across private and public [clouds], and have a genuine cross-cloud service offered in a multi-cloud environment,” said Tom Gillis, SVP and GM of VMware’s Networking and Advanced Security business group.
This project, which is now in its technology preview phase, provides a single pane of glass for unified software as a service (SaaS) consumption of VMware’s networking and security offerings, such as network and security policy management, network detection and response (NDR), NSX Intelligence network visibility and analytics, advanced load balancing, and HCX workload mobility across private cloud and VMware Cloud deployments.
“We’ve taken the management plane for this virtual networking infrastructure, and we’re delivering it as a service,” Gillis said.
In order to relieve strain on the host hypervisor’s central processing units (CPUs), VMware introduced vSphere 8 with the capacity to perform networking and security services on dedicated hardware known as data processing units (DPUs) or SmartNICs. With this, the requirements of applications that rely heavily on the network and are sensitive to latency are met.
Because of this, “you can operate very high levels of throughput from any given node,” and “it makes a very compelling economic argument for employing the SmartNICs,” as proclaimed by Gillis.
Lateral Security Is The New Battleground
Although businesses have been using endpoint security solutions and next-generation firewalls to protect themselves against ransomware for some time now, the frequency and severity of assaults have only escalated.
To put it another way, “attackers have a desire to get in your network and stay in,” as Gillis puts it. This is why we now consider lateral security to be ground zero.
Twenty-five percent of attacks, according to the company’s latest Global Incident Response Threat Report, involved lateral movement.
To detect such “lateral movements of attackers,” Gillis explains, “VMware has a unique vantage position that provides us an intrinsic edge in understanding the inner workings of these programs.”
“The API is the new endpoint, so you need to be able to understand, observe, and protect those internal APIs to stop the lateral movement of these attacks,” he said, adding that the vendor provides an “end-to-end view” with the Carbon Black endpoint security services for traditional virtual machine-based applications.
VMware’s Project Trinidad deploys sensors on Kubernetes clusters and utilizes machine learning with business logic inference to detect abnormal behavior in east-west traffic between microservices, thereby extending the API security and analytics capabilities.
“We’ve brought advanced machine learning business logic inference, an API called sequence modeling into our service mesh capability that allows us to understand and protect those APIs and see all of the connections in every conversation,” Gillis explained.
This year’s event also saw the introduction of Project Watch, a multi-cloud networking and security capability that provides advanced app-to-app policy controls, as well as the unveiling of the NSX Advanced Load Balancer with new bot management features, and the expansion of network detection and visibility to the vendor’s Carbon Black Cloud endpoint protection platform.