We have officially arrived in the era of running applications on public cloud infrastructures. Legacy, monolithic applications are leaving enterprise premises and finding new homes on public cloud platforms such as AWS, Microsoft Azure, and Google Cloud Platform (GCP). These workloads are increasingly distributed across virtual machines (VMs), containers, and serverless architectures. However, this wide distribution means they need to be monitored, and their various configurations need to be kept secure.
The dynamic environments of today mean tracking, analyzing, and securing workloads can become an endless game of cat and mouse. Cloud Security teams need to reduce the attack surface and ensure their applications have native protection.
Advanced Protection for Public Cloud Workloads
We are excited to continue our commitment to protecting workloads no matter where they reside. VMware Carbon Black Workload now supports workloads running across VMware vSphere, VMware Cloud, AWS, and now Azure and GCP. Users can get the full protection and capabilities of Carbon Black Cloud to natively protect their public cloud environments.
Easy Onboarding and Account Management
Using the Carbon Black Cloud console, admins can easily add, manage, and onboard new Azure subscriptions and GCP projects. Users can now add accounts either 1-by-1 or multiple at a time. When organizations grow their environments, adding accounts by groups is a much more effective and efficient use of time. Customers can now upload multiple public cloud accounts via an API, spreadsheet upload, or a single parent upload with just one click.
Add a Public Cloud Account page view for GCP Projects
Generate Inventory
Carbon Black Workload will help users organize all Azure and GCP VMs and provide visibility into their details.
We’ve organized an entire asset inventory while pulling relevant data from each public cloud environment, all together into the Carbon Black console. This prevents the user from having to search across various platforms to get actionable metrics on a specific environment like:
- How many workloads exist
- How many workloads are or are not protected
- Virtual Network/VPC
- Subnets
- Security groups/routes
Having access to this inventory is important because it allows users to see the operating systems, which policy it is associated with, and which sensor has been deployed – helping them operationalize security in a more meaningful way.
Inventory page view for Azure Cloud Workloads
Seamless Deployment
Machines can be in different stages of development, and there is no one-size-fits-all method to deploy a sensor. With Carbon Black Workload, users can protect assets quickly and efficiently for a seamless deployment. Whether machines contain sensitive information and must be handled manually, or are not even up and running yet, Carbon Black will help users be prepared at the time of creation.
There are several options to deploy the sensor:
- Manual sensor installation
- Auto-generate deployment script using Init
- Custom machine image with the Carbon Black sensor
- Auto-generate deployment script for CI/CD integration
Going forward, thanks to Carbon Black’s integration with the Event-driven architecture of Public Cloud, any VM that is created or modified will be reflected immediately on the Inventory Page. Carbon Black works with expanding environments and growing needs, protecting public cloud infrastructures and giving users the power to respond to any unwarranted threats.
Additional Resources:
To learn more about these capabilities, check out our technical release notes to get started today. And read about our work with native support for AWS here.