“For a long time, we've focused on one or two layers of security and in many cases just one – perimeter. In the age of cloud, mobile devices, edge services and IoT, this is no longer enough,” says Ingram Micro NZ VMware business development manager Adam Saunders.
If you are in the cybersecurity market, this may be something you have been aware of for some time now but, in the modern age of flexible working environments, it is more important than ever.
What you may not realise, is that VMware is now a major player in the end-to-end security space with a range of modern products to keep an organisation safe from the server to the network to the cloud.
Secure the LAN
As we adopt containers and serverless computing, the most important place for security is the network, Saunders explains.
Placing a perimeter around an entire infrastructure has become prohibitively expensive and pragmatically infeasible – until now.
VMware's NSX virtualised security solution now allows for exactly that – putting security controls that exist at the edge around all of the workloads to build a zero-trust network that provides internal enforcement to ensure everyone is only accessing what they should be accessing.
Secure the WAN
With the acquisition of Gartner Magic Quadrant Leader VeloCloud, VMware is now able to provide an SD-WAN solution that enhances wireless security across any device that hooks into the network.
VeloCloud is an onramp into the cloud, Saunders states.
With VeloCloud's cloud-based Orchestrator every gateway and SaaS provider is covered by a meshed environment that manages all traffic whether MPLS, fibre or 4G, and protects it with end-to-end encryption.
Out of the box, VeloCloud is set to deny, creating a locked environment that allows IT staff to create policy by unlocking as they go.
VMware partners with firewall providers to integrate with VeloCloud, whether running on top of the VeloCloud edge device so that traffic is sent to the firewall before being passed to the router, or back to back with a physical appliance so the firewall doesn't have to worry about routing decisions, maximising throughput.
Secure the server
Saunders explains in detail how the combination of vSphere and AppDefense creates a unified platform that covers both virtual machines and containers and provides visibility throughout storage and network, with security all integrated at the hypervisor level.
Through the unification of Dev and Ops across the entire infrastructure, true DevOps is enabled, with proactive, behavioural analytics at every point.
Any unexpected behaviours are given a risk score, meaning that the security team are able to easily triage.
Encryption is also provided across all data both in motion and at rest.
For more technical detail, see the full video below.
Secure the device
The days of a single OS across an entire organisation are gone for good, Saunders says.
With tablets, phones, and IoT all on different operating systems and all connecting to the same network, a new end-point protection approach is needed.
Saunders explains how VMware Workspace One works across application and identity, desktop and mobile, to provide managed enterprise-grade security with a simple consumer-grade interface.
With the recent purchase of Carbon Black, VMware can now also provide cloud-based endpoint protection with a simple lightweight agent for any size of organisation.
Carbon Black combines traditional antivirus with machine learning to create a full security solution that can even identify new threats before they happen based on behaviours, and it feeds back new information about threats into the cloud to continually improve detection rates.
It records every interaction on every device so, if a breach does occur, audit and remediation can begin as soon as possible by identifying the exact moment of the attack on the device it occurred.
For more information watch the video below.
If you are interested in becoming a reseller or service provider for VMware's end-to-end security solutions you can contact Ingram's Adam Saunders to learn more.