This piece was written by Arjun Narang and Ashwin Manekar 

Workload Protection Updates and New Feature

We’re excited to announce the general availability of Workload 1.1. This release includes user experience and usability feature enhancements, and a new tagging feature with NSX-T. With this new release, you’ll see our continued focus on helping customers with their security and IT modernization needs.  

Update – Enhanced Proxy Support  

Many VMware Carbon Black Workload customers are running their critical workloads in a protected and non-internet facing environment. Many want the sensor traffic to pass through an on-prem proxy for traffic visibility and for auditing purposes. With proxy support, the communication between the Carbon Black service and the Carbon Black Workload components, Appliance and Sensor, can pass through a configured on-premises proxy server. Carbon Black Workload supports key proxy types such as HTTP, HTTPS, SOCKS4, and SOCKS5.  

Users can easily configure proxy settings with their Cloud Workload Appliance as shown below. This will ensure all inventory data from vCenter is sent to the Carbon Black Cloud Console via a configured proxy. 

Users can install Carbon Black sensor using Carbon Black Cloud Console and enter proxy settings information in the config.ini. This will ensure the Carbon Black sensor installation bits are downloaded via the proxy server on the virtual machines.  

With the current enhancement, the sensor installation is also re-directed through the Proxy server.  

Update – Infrastructure Enhancements  

Several enhancements have also been made to the administration and lifecycle management of Carbon Black Workload components. The process to register an appliance is now simplified by allowing the users to easily select the Carbon Black environment instead of manually entering that information. Appliance administrator can now easily control the cadence for upgrades. It can be easily scheduled to a specific time and specific day. Also, it is easier to find out about the appliance password expiry from the plugin dashboard in the vSphere client.  

New Feature – NSX-T Tagging  

VMware Carbon Black has developed a tight integration with VMware NSX-T distributed firewall to provide protection of your VMs from the networking layer. Users can now assign an NSX-T tag and associated firewall policy to a VM directly through the Carbon Black console. This action can be taken when a Carbon Black alert has been generated or from the Carbon Black inventory view. 

This integration enables users to leverage the advanced distributed firewall policies provided by NSX-T directly through VMware Carbon Black. By providing three policies out-of-the-box, this joint solution gives a degree of flexibility and customization that would otherwise not be available solely through VMware Carbon Black. 

For more information on this release, check out our technical Release Notes page.  

Check out the Workload 1.1 Proxy update and NSX-T Tagging feature in a video demo here.