The Grammys are over, the Oscar nominations are out, and awards season is just getting started for VMware SASE solutions. We’re honored to announce that we have won two gold awards for VMware SASE™ and VMware Secure Access™ in the 2021 Cybersecurity Excellence Awards. This marks the first industry award for VMware Secure Access, a component of the VMware SASE Platform™.
These awards recognize companies, products, and professionals that demonstrate excellence, innovation, and leadership in information security, according to their website. They are produced by Cybersecurity Insiders in partnership with the Information Security Community on LinkedIn, tapping into the vast experience of over 400,000+ cybersecurity professionals to honor the world’s best cybersecurity products, professionals, and organizations. The awards are based on the strength of their nomination and the popular vote by members of the Information Security Community (both ratings and comments).
And the gold goes to …
VMware Secure Access Service Edge (SASE) converges networking and security delivered as a cloud hosted service. VMware SASE enables reliable, secure, and efficient access for users located anywhere to applications on any cloud, while protecting users and infrastructure against internal and external threats.
The VMware SASE architecture expands VMware’s unique SD-WAN advantages with SASE Points of Presence (PoPs) to deliver network and security services that include SD-WAN Gateway, Secure Access, Cloud Web Security, and NSX Cloud Firewall to meet that objective. The services include capabilities like URL filtering, anti-virus and malware protection, and remote browser isolation.
The solution also offers built-in firewall capabilities on the edge devices, with the option to deploy a third-party firewall as a virtual network function.
Cloud-first architecture allows VMware to deliver network and security services to maintain very close proximity between users and applications for low-latency access. This helps deliver rich user experience for voice, video, and other real-time applications that are extremely sensitive to latency.
VMware SASE features ease of management and a rich end-user experience. Any on-premises component of the solution is automated with zero-touch provisioning. Cloud connectivity to the nearest SaaS and IaaS providers is automatically discovered based on geo-proximity of the user. Policy configuration is centralized for agile implementation at all locations. Alignment between network policies and security policies eliminates human error and inconsistent policy enforcement.
The solution has policies for over 3000 applications pre-configured so that IT doesn’t have to delay migrating to the VMware SASE architecture. VMware SASE ensures that users get a consistent experience, whether working from home, office, or on the move when accessing enterprise applications. VMware’s unique Dynamic Multipath Optimization™ (DMPO) capabilities handle varying conditions in the underlying WAN and broadband network even when there is only one link. VMware addresses varying needs of users working from home, whether they are power users needing priority treatment for critical applications, or mobile users that need connectivity from any location.
VMware SASE also provides architectural flexibility in deploying a security posture. Whether the enterprise wants to deploy a firewall closer to the edge, use a third-party firewall as a virtual network function at the edge, or direct enterprise application traffic to the data center firewall while sending SaaS and internet application traffic through cloud web security, the solution offers considerable choices. This approach gives enterprise IT the latitude they need in a changing threat landscape.
VMware Secure Access
VMware Secure Access, a key component of VMware SASE, combines the consistent, secure cloud application access functionality of VMware SD-WAN™ with the capability of VMware Workspace ONE to allow only trusted devices and users to access applications hosted on-premises, or in the cloud.
VMware Secure Access can be deployed on-premises with a unified access gateway (UAG), or cloud-hosted. In the cloud-hosted model, the tunneling headend capability is hosted in the VMware SASE PoPs, terminating sessions from Workspace ONE clients. This allows quick scaling and redundancy of the service. Traffic coming from Workspace ONE users can be chained with other services such as cloud web security within the SASE PoPs for additional security.
In addition to flexible deployment options, VMware Secure Access provides:
- Identity-driven access: VMware’s Zero Trust solution combines network security with user and endpoint context. Access can be scoped based on attributes and risks detected by Workspace ONE to ensure least-privilege access.
- Enhanced performance and comprehensive security: VMware provides the option to combine Workspace ONE as a Unified Endpoint Management (UEM) solution with VMware SD-WAN. Workspace ONE users can connect to the Secure Access service, either through the Internet or via the VMware SD-WAN Edge appliance. These industry-leading VMware solutions deliver best-of-breed connectivity and security from the endpoint — whether in a branch, at the user’s home, or in a remote setting — to applications by handling client transport security (Workspace ONE Tunnel), worldwide PoPs, as well as network optimization.
VMware Secure Access provides consistent, always-on, intrinsically secure access. With VMware Secure Access and VMware Workspace ONE’s Zero Trust Network Access (ZTNA), a user will always be connected to enterprise applications. ZTNA vets/grants users and devices policy-based access centered on user and device identity for each connection. If the user is within the branch/corporate network, the VPN service will automatically be paused. If the user works from a different location and tries to connect to their administrator-allowed applications, the network connectivity will transparently and automatically be applied with secure trust established with the device. Additional authentication can be applied as needed. Customizable per-client application policies can be fine-tuned to bring only what is needed to the remote access service, lowering user acceptance friction due to privacy concerns.
For a productive work experience, the remote access client automatically connects to the closest VMware SD-WAN cloud PoP. User traffic (policy-based) may be passed to a cloud firewall, web security service, to another enterprise branch/data center, to an application, or to a needed service. Only enterprise traffic will go to the enterprise site; SaaS/IaaS traffic is forwarded directly to the Internet. This avoids latency-inducing hair-pinned paths through an enterprise data center where strained VPN appliances might have been hosted earlier. As the traffic integrates into VMware SD-WAN, DMPO helps protect the traffic against latency, loss, and bandwidth contention.
VMware Secure Access makes it easy and fast to scale service, even in multiple regions. Routing policy and security controls remain in the hands of the enterprise while the VMware SD-WAN cloud service handles scaling, management, upgrading, and multi-region VPN service presence. The easier, productive user experience and the offloading of the service allows IT teams to focus on other critical business tasks.