New enhancements include: Micro-segmentation Assessment, Air-gapped NDR, and Scale-out Data Lake Platform (Security Services Platform 5.0)
For decades, enterprises have relied on perimeter defenses to protect their private cloud assets from external threats. Yet, in this era of ransomware, protecting only the perimeter has proven to be insufficient. Traditionally, only a handful of “crown jewel” applications were protected inside the private cloud. Because east-west traffic is roughly 4X the volume of north-south traffic, extending perimeter defenses internally proved neither scalable nor economically feasible. As a result, large portions of the private cloud remained vulnerable, enabling attackers to breach weakly protected non-critical workloads and move laterally to compromise high-value assets – crown jewels – ultimately causing significant damage.
VMware vDefend is a software-defined, hypervisor-integrated security solution architected to comprehensively protect every VMware Cloud Foundation (VCF) private cloud workload – including both critical and non-critical workloads. We are excited to announce new vDefend capabilities that:
- Expand the enterprise’s micro-segmentation scope with planning and assessment,
- Seamlessly scale lateral security across application environments,
- Simplify lifecycle management and operations, and
- Deploy threat detection in regulated environments with air-gapped NDR
These capabilities are designed to accelerate the implementation of zero-trust lateral security in the VCF private cloud. They are especially critical in brownfield environments, which are poorly segmented and where application communication patterns are primarily unknown. Additionally, SE Labs (a leading cyber security test lab) has provided independent validation of vDefend’s real-world effectiveness.
Here are the key highlights:
Kickstarting Micro-segmentation Assessment and Planning
- Security Segmentation Report – Part of our Security Intelligence tool for lateral security visibility and threat analytics, the security segmentation report provides security teams and compliance officers with a clear assessment of the current segmentation health (via segmentation score), identifies gaps and offers actionable next steps to improve the segmentation posture. This is the magic bullet that enables enterprises to rapidly and comprehensively roll out zero-trust lateral security to combat ransomware.
- Lateral Security for VCF validated solutions guide – A must-have, verified technical reference for quickly deploying VMware vDefend Zero Trust lateral security in VCF private clouds.
Streamlining Security Operations
- Security Services Platform – A self-contained, simplified platform that hosts Security Intelligence and advanced threat prevention features. It also provides a scale-out architecture to address the growing analytics and security demands of large VCF deployments.
- Micro-segmentation-as-Code – Automates policy deployment with the applications, accelerating secure application rollouts.
- Network Detection and Response (NDR) for Air-Gapped Environments – Enables real-time threat detection and response in classified or high-security deployments without requiring external connectivity.
Third-party Validation
- SE Labs Test Validation Report for VMware vDefend Advanced Threat Prevention (ATP) – Awarded a highly coveted AAA rating in a rigorous multi-stage attack test against the most sophisticated real-world threats.
Business Value – Analyst Insights from Customer Interviews
- Forrester Total Economic Impact (TEI) – Found that customers using VMware vDefend reduced cyber breach risk by 40%, improved security operations team productivity by 25%, avoided 10% cyber insurance premium increases, and realized 116% ROI.
An Easy Button For Robust Private Cloud Security
Introducing the Security Segmentation Report with Security Intelligence
Today, we’re excited to announce the launch of the Security Segmentation Report, a powerful new Security Intelligence tool of vDefend for real-time assessment of the segmentation posture of the VCF private cloud. By analyzing network flow data alongside existing distributed firewall security rules, this assessment delivers a clear picture of your current micro-segmentation posture, pinpointing gaps caused by insecure network protocols and inappropriate application communication, measuring progress with a security segmentation score, offering actionable recommendations, and helping you stay ahead of potential breaches.
- Automated Segmentation Assessment: Gathers up to 30 days of network flow data to uncover potential security gaps and deliver timely, data-driven insights related to application communication.
- Security Segmentation Score: Evaluates your network flows and the distributed firewall rules to identify gaps in micro-segmentation and provides actionable next steps, enabling you to track progress toward a fully segmented private cloud.
- Actionable Recommendations: Highlights areas for improvement and provides specific, easy-to-implement policy recommendations for the roll-out of zero trust lateral security.
Figure 1 – Numerical score quantifies your current segmentation posture
Figure 2 – Visualize only the workloads that are potentially exposed and understand their communication
VMware vDefend Design Guide for Securing VCF Private Cloud
After the Security Segmentation Report uncovers potential risks and areas for improvement, the next step is putting those recommendations into action, quickly and confidently. That’s where the Lateral Security for VCF validated solutions guide comes in. This thoroughly vetted resource provides a step-by-step blueprint for deploying Zero Trust lateral security with VMware vDefend in VCF, ensuring best practices are consistently applied across your entire environment. By following its verified configurations and guidelines, security and IT teams can streamline setup, reduce guesswork, and accelerate the path to a cyber-resilient private cloud. Whether you’re new to security or a seasoned veteran, the VMware Validated Solutions guide makes it easier than ever to transform your security plans into a tangible zero-trust lateral security strategy.
Simplifying Security Operations
In today’s fast-paced private cloud security landscape, smaller teams need to do more with limited resources. Our new features enable enterprises to activate advanced threat detection and prevention swiftly.
Security Services Platform with Next-generation Architecture
Security Services Platform (SSP) is a self-contained, scale-out platform that makes deployment of Security Intelligence and advanced threat prevention tools, such as NDR and Malware Prevention (for blocking malicious files), quick and easy.
Its latest 5.0 release offers a simplified network design, a tailored user profile for security admins, and easier workflows for configuration and deployment.
- Simple OVA Deployment – Makes adoption fast and hassle-free, letting teams quickly roll out Security Intelligence and advanced threat prevention capabilities.
- Scale-out Architecture – Ensures that visibility and threat prevention automatically extend to workloads of large-scale VCF deployments.
- Enterprise-Ready Backup & Restore – Built-in, streamlined processes ensure your security infrastructure can quickly recover, helping maintain business continuity and compliance.
- Independent Upgrades and Enhanced Interoperability – Upgrades are decoupled from other platform components, simplifying the update cycle while ensuring broader compatibility with VCF.
Micro-segmentation as Code – Lateral Security at the Speed of Apps
Most security gaps arise when applications are deployed first and then protected retroactively—a time-consuming approach that can leave workloads exposed to attackers for an extended period. VMware vDefend plug-n-play integrations with VCF address this issue by allowing you to define and apply security policies at the same time applications are spun up. Through a simple “as code” model, you can ensure that every new workload is protected from day one, eliminating the waiting period often associated with deploying workloads first and layering on security later.
- Declarative Model – Allows operators to specify the full intent of an application security policy; vDefend then converts this intent into a working configuration, simplifying policy creation and implementation.
- Automate Security with Tag-Based Policies – Define policies by application tags (e.g., dev, prod, test) for dynamic Zero Trust enforcement. As workloads are created or re-tagged, vDefend automatically applies the right policies—no manual reconfiguration needed.
- Expand with Scripting – Modern-day applications grow and shrink depending on demand. With automation, customers can auto-scale security to ensure that applications stay safe and secure.
Figure 3 – Declarative payload using Postman to create a policy with an API call
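The tag-based, declarative model described above, together with the flow-versus-rule comparison behind the Security Segmentation Report, can be sketched in a few lines of Python. This is an added example, not vDefend code or its API schema: the workload names, rule format, default action, insecure-port list and the scoring formula (share of observed flows decided by an explicit rule) are all assumptions made for illustration.

```python
# Constructed inventory: workload name -> tags (illustrative, not vDefend objects).
WORKLOADS = {
    "web-01": {"prod", "web"},
    "app-01": {"prod", "app"},
    "db-01": {"prod", "db"},
    "dev-01": {"dev", "app"},
}

# Hypothetical declarative policy: rules name tags, never individual workloads.
# First match wins, so the dev-to-prod DROP is listed before app-to-db;
# otherwise a dev workload tagged "app" would ride the app-to-db ALLOW.
POLICY = [
    {"name": "dev-to-prod", "src": "dev", "dst": "prod", "port": None, "action": "DROP"},
    {"name": "web-to-app", "src": "web", "dst": "app", "port": 8443, "action": "ALLOW"},
    {"name": "app-to-db", "src": "app", "dst": "db", "port": 5432, "action": "ALLOW"},
]
DEFAULT_ACTION = "ALLOW"                    # assumed brownfield default (unsegmented)
INSECURE_PORTS = {21: "ftp", 23: "telnet"}  # assumed list of cleartext protocols

def match(flow, workloads=WORKLOADS):
    """Return (rule_name, action) for a flow dict with src, dst and port."""
    src_tags = workloads.get(flow["src"], set())
    dst_tags = workloads.get(flow["dst"], set())
    for rule in POLICY:
        if (rule["src"] in src_tags and rule["dst"] in dst_tags
                and rule["port"] in (None, flow["port"])):
            return rule["name"], rule["action"]
    return "default", DEFAULT_ACTION

def assess(flows, workloads=WORKLOADS):
    """Illustrative score: percentage of observed flows decided by an explicit rule."""
    gaps, insecure = [], []
    for flow in flows:
        rule, action = match(flow, workloads)
        if rule == "default":
            gaps.append(flow)       # flow only passes because nothing covers it
        if action == "ALLOW" and flow["port"] in INSECURE_PORTS:
            insecure.append(flow)   # allowed traffic on a cleartext protocol
    score = round(100 * (len(flows) - len(gaps)) / len(flows)) if flows else 100
    return {"score": score, "gaps": gaps, "insecure": insecure}

# Constructed flow records standing in for collected network flow data.
FLOWS = [
    {"src": "web-01", "dst": "app-01", "port": 8443},
    {"src": "app-01", "dst": "db-01", "port": 5432},
    {"src": "dev-01", "dst": "db-01", "port": 5432},
    {"src": "web-01", "dst": "db-01", "port": 23},
]
```

Calling `assess(FLOWS)` surfaces the web-to-database telnet flow as both an uncovered gap and an insecure protocol; passing `match` an inventory with a newly tagged workload shows it inheriting the existing rules without any policy change.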
NDR Enhancement for Air-Gapped Environments
VMware vDefend NDR now supports mechanisms for organizations to securely update threat intelligence in standalone operations without external network access. This ensures that all detection, correlation, and response activities are executed with higher fidelity entirely within the closed network, leveraging both internally and externally sourced threat intelligence and providing an additional layer of protection against targeted attacks in sensitive or classified environments. This approach uses local storage and processing, ensuring real-time analysis and threat response while mitigating the risks associated with external connectivity, making it a unique solution for high-security, regulatory-sensitive, and isolated networks.
- Enhanced Security: Operates effectively in environments without external connectivity, minimizing exposure to external threats and attack surfaces.
- Operational Flexibility: Enables deployment in sensitive, high-security environments like critical infrastructure or classified systems without compromising NDR capabilities.
- Regulatory Compliance: Supports industries requiring strict data isolation, such as government, healthcare, and finance, ensuring adherence to compliance standards.
3rd Party Validation – Test Labs and Analysts
SE Labs’ AAA Rating for vDefend Advanced Threat Prevention
SE Labs Ltd. recently put vDefend Advanced Threat Prevention under the microscope, taking it through its rigorous tests to determine just how well it would perform in specific threat detection scenarios. SE Labs’ methodology is to test full chains of attack, including complex, multi-staged ransomware threats, using a variety of tools and techniques employed by Advanced Persistent Threat actors in the wild.
The result is a glowing AAA rating for vDefend Advanced Threat Prevention, which detected the most sophisticated threats with the highest accuracy. You can find the full report here.
Forrester Total Economic Impact (TEI) Report – 116% ROI for vDefend
In a Total Economic Impact (TEI) study commissioned by Broadcom, Forrester Consulting interviewed customers using VMware vDefend and combined the results to form a single composite organization. Their analysis revealed that organizations using vDefend:
- Reduced their cyber breach risk by 40%,
- Improved security operations team productivity by 25%, and
- Avoided 10% cyber insurance premium increases
These organizations also saved on capital expenditures by eliminating the need for costly hardware, thanks to vDefend’s software-defined distributed firewall and dynamic threat protection. Additionally, the composite organization realized a 116% ROI. You can find the full study here.
Learn more about vDefend by registering for our upcoming webinar series or watching them on-demand from our library here.