VMware integrated Menlo Security technologies into its secure access service edge (SASE) platform and started talking about its extended detection and response (XDR) strategy among several other security updates announced today at the virtual VMworld event.
While VMware was one of the earlier vendors to tout its SASE prowess and product, it largely relied on VMware’s VeloCloud SD-WAN capabilities and had a few holes in the security stack.
SASE, a network and security architecture, combines networking and security capabilities in a cloud-managed platform. And to date, VMware has partnered with Zscaler to fill the holes in its security stack including secure web gateway, cloud access security broker (CASB), and browser isolation.
VMware Gets SASE With Zscaler, Menlo SecurityToday VMware formalized its partnership with Zscaler. The two announced a “preferred partnership” for enterprises that want to combine VMware and Zscaler technology to build a SASE architecture.
Rajiv Ramaswami, COO of proudcts and cloud services at VMware, called Zscaler “the leader in web security,” during a briefing with reporters. “Together we will deliver a solution for best-of-breed capabilities joining the VMware SD-WAN, zero-trust access for network connectivity, and our firewalls, together with Zscaler’s industry-leaning security capabilities,” he said.
For customers looking for an all-in-one SASE product, VMware announced its new VMware Cloud Web Security service will natively integrate Menlo Security’s secure web gateway, CASB, and remote browser isolation capabilities. The company plans to make Cloud Web Security available in early 2021.
More SD-WAN, SASE UpdatesIn addition to the two cloud security partnerships, VMware rolled out other SASE updates. It expanded its SD-WAN global network to more than 2,700 cloud service nodes across 130 points of presence (POPs), which VMware claims is larger than any other SASE network on the market.
The vendor also combined its SD-WAN and Workspace One digital workspace platform into a single, cloud-hosted service called VMware Secure Access. This service, which will be part of VMware’s SASE platform, is slated for release by the end of January 2021.
A new capability called Edge Network Intelligence will give IT teams added visibility and telemetry into the end-user experience across applications and networks. VMware expects this service to be available by the end of October.
Additionally, VMware announced plans to integrate its NSX Firewall into its SASE platform for a cloud-delivered firewall. This is a stateful Layer 7 firewall that will come in single-tenanted and multi-tenanted deployment options. VMware plans to make this available next year.
VMware Carbon Black Workload Agentless SecurityAmong a slew of other VMworld security announcements, VMware unveiled Carbon Black Workload, which essentially integrates Carbon Black’s endpoint security capabilities with VMware’s vSphere compute virtualization platform. It provides agentless security, including prevention, detection, and response capabilities, across workloads running in virtualized, private, and hybrid-cloud environments.
“This is an agentless deployment of Carbon Black that will now come with your different VMware solutions,” said Chris Wolf, who leads the Advanced Technology Group in the VMware office of the CTO. “So we have Carbon Black Workload for Horizon VDI, and this is going to give you baked-in integration for agentless security, audit remediation, vulnerability assessments, and so on.”
VMware plans to extend Carbon Black Cloud Workload to other products and services across its portfolio later this year including a new Carbon Black Cloud module for hardening and securing Kubernetes workloads. The new capabilities will give security teams governance policy and control of Kubernetes environments.
VMware’s XDR Security StrategyLooking to the future of security operations, VMware also announced its approach to XDR — which is quickly becoming the hottest new security buzzword-slash-acronym with security giants such as Microsoft, Palo Alto Networks, McAfee, and Cisco scrambling to be first to market with complete XDR capabilities. Just last week startup Kognos rolled out its XDR platform and a partnership with VMware Carbon Black.
XDR combines elements of security information and event management (SIEM), security orchestration, automation and response (SOAR), endpoint detection and response (EDR), and network traffic analysis (NTA) in a software-as-a-service (SaaS) platform to centralize security data and incident response. This improves threat detection because it correlates threat intelligence across security products and provides visibility across networks, clouds, and endpoints.
VMware says its XDR strategy includes a multi-year effort to build “the most advanced and comprehensive security incident detection and response solutions available.” It will combine security technologies and platform integrations across VMware products including Workspace One, vSphere, Carbon Black Cloud, and the NSX Service-defined Firewall.