Network Security

VMware is Not New to Enterprise Security

None of us can stop thinking about how 2020 has changed the way we go about our daily tasks. Going to school, going to the store, going out to eat — going anywhere at all. But now, for the first time, we are not even going to work! Everyone has been pushed to work from home. This change has a wide-ranging set of variables that need to be addressed, from the business limits on resources for connectivity to the employee’s limits on remote resources of space, privacy, and uninterrupted concentration. 

The overnight reliance on remote, personal, shared services for connectivity from the worker to the corporation has forever put an end to the idea of a security perimeter. Zero Trust Architecture (ZTA) has moved from being an academic discussion to persistent customer requests for solutions. This shift is furthered by the timely release of the US National Institute of Standards and Technology’s NIST Special Publication 800-207 ZTA Guide. At the same time, we now see numerous security industry vendors claiming their products will provide Zero Trust. 

Naturally, many VMware customers want to know how we can help them with ZTA. With last year’s purchase of Carbon Black and the recent acquisition of Lastline, customers are just now seeing that VMware has something to offer, but they’re still reluctant to view VMware as a true security vendor. 

I am just finishing my 10th year here at VMware. I have always been a security specialist. I have worked at IBM and Internet Security Systems, and between those two and VMware, I’ve been the security director for a multinational company for the last 30 years. And I can tell you, security is nothing new to VMware! 

Let’s look back for a moment

In 2007, VMware saw that the hypervisor would be the perfect environment in which to place security functions. It would allow for security to be distributed to the guested VM, rather than externally. In 2007, VMware also acquired Determina, which provided security advisory services. Next, they purchased Blue Lane (more history later) as a distributed firewall. In 2008, the idea of having the hypervisor provide security was first released as an API set called VMSafe, which was only available to partners. Those first partners of IBM (where I came from), Checkpoint, Trend Micro, McAfee, and some others, were able to provide VM to VM protection via the hypervisor. Note that VMware has been able to provide micro-segmentation since 2008! We just didn’t have a cool industry marketing term for it back then. 

Well, to VMware’s disappointment, our partners didn’t embrace the idea of using the hypervisor. But VMware had the vision to pursue it nevertheless. That prompted the purchase of Configuresoft as a vulnerability assessment and mitigation tool. Next was NeoAccel, an SSL VPN company, followed by PacketMotion, a user identity and rights software firm. In 2010, these companies and their people and tools were combined into VMware’s first a la carte set of security products, named vShield.  Later in 2013, vShield became a suite offering called vCloud Networking and Security. 

In 2012, VMware acquired Nicira. This made VMware the best virtual networking company for SDDC in the industry. VMware took its software-based security products, bundled them with Nicira, and debuted NSX. NSX is in fact two product lines under one license. The two work great together, but they don’t rely on one another. This is why we have customers using NSX for virtual networking without security and vice versa. 

But remember that VMware also bought Airwatch and Boxer for EUC and mobile security. Both now reside in Workspace ONE. The net result is that we offer security on any device and control access to SaaS offerings in a powerful yet simple way. 

Along the way, VMware bought Arkin to dramatically bolster its troubleshooting, monitoring, and management capabilities. Arkin was founded by the same people who gave us Blue Lane. So, the people who gave us the distributed firewall also gave us an easy way of monitoring it. 

Next came VeloCloud, E8 Security, and CloudCoreo. Here VMware moved into the provider and cloud markets with respect to security. VeloCloud provides remote site protection measures and secure communication. E8 enhances EUC security management. CloudCoreo, now called Secure State under the Cloud Health portfolio, allows for easy public cloud assessment of common configuration issues. Secure State is very valuable for assessing and maintaining regulatory compliance in the public cloud. 

VMware also acquired Avi Networks, which added the best software load balancer to our offerings and included Web Application Firewall (WAF) protections. 

Despite this security recordit seems that the Carbon Black acquisition was what really made the industry understand that VMware had to be taken seriously as a security vendor. With Carbon Black now integral to vSphere and enabling agentless protection of workloads, we can provide simple and ubiquitous protection while demonstrating compliance with regulations. Add in the Carbon Black Cloud offering for SaaS protection, and we again show just how unique and wide-ranging we are in vision and execution.

Not to be left out of the containers market, VMware added Octarine as a means to provide protection to cloud native apps on Kubernetes. 

Last but not least  Lastline (pun intended). Lastline’s artificial intelligence (and you are required to say machine learning too) engine, plus the number of sensors they’ve placed around the world, allow for a massive undertaking to identify first hand new iterations of old attacks, zero-day attacks, and threat hunting methods. Lastline truly gives VMware a proven analysis engine that outperforms the competition. The sheer beauty is in Lastline’s ability to take a data lake of raw data and reduce it down to actual threats — with an extremely low false-positive rate. 

So now when you think security, take into consideration VMware’s 13-year quest to improve the fidelity of security on any device, on any app, and on any cloud. And that is without bringing up new integrations between all of the above products and the home-grown development of Distributed Intrusion Detection/Protection (IDS/IPS) and NSX Intelligence. 

Now you can see what I’ve witnessed over the last 10 years at VMware. We are truly a security company!