For many global organizations, workloads can be where the most critical business information resides. These teams need to enforce a strict security posture, ensuring their workloads are not directly exposed to the Internet for security, regulatory, and compliance reasons. As such, only a handful of identified computers or appliances can receive traffic from the Internet and respond to said traffic.
VMware Carbon Black is excited to announce the first installment of our Sensor Gateway for Linux available to all VMware Carbon Black Workload customers, bringing full NGAV (Next Generation Antivirus), EDR (Endpoint Detection and Response), and Audit/Remediation to those in air-gapped systems. With the Sensor Gateway, VMware Carbon Black will help enterprises keep their workloads secure and insulated from any Internet traffic, removing the burden of owning, managing, and budgeting for additional proxy servers. This feature will also help enterprises pass compliance audits and reduce the attack surface for workloads by directing sensor traffic through a trusted secure entity.
Figure 1: Keep your workloads secure and insulated from any Internet traffic
Key Capabilities and Benefits
This feature will also help enterprises pass compliance audits and reduce the attack surface for workloads by directing sensor traffic through a trusted secure entity. It acts as a bridge for all inbound and outbound communication between the Carbon Black sensors deployed on your workloads and the Carbon Black Cloud.
This tool will allow users to:
- Internal Secure Gateway for All Inbound/Outbound Communication – All communication to and from VMware Carbon Black Cloud is directed through the Sensor Gateway. All sensors deployed on the workloads will communicate with the Carbon Black Cloud via the Carbon Black Sensor Gateway.
- Easy Sensor Gateway Scaling – Each Sensor Gateway will be able to support up to ten thousand sensors. Following this threshold, additional sensor gateways can be spun up to handle the increased workload.
- Improve Security Posture for Your Most Locked-Down Systems – Many organizations are forced to use older signature-based antivirus products with few EDR capabilities on air-gapped networks. Replace legacy signature-only antivirus products with modern NGAV and leverage true EDR capabilities for stronger security.
- Notifications and Alerts – When a Sensor Gateway is disconnected or overburdened, customers will be notified in the product as well as via email. Customers will also have the ability to turn off subsequent notifications in the UI if they wish to do so.
- Broad OS Support – The Carbon Black Sensor Gateway will support Virtual Machines and Physical Servers along with commonly used Linux Operating systems as noted in the supported OS. Windows support will be added shortly.
Please note that this feature will only work for newly installed Linux sensors, however, support for existing sensors will be coming soon.
Additional Resources:
To learn more about this feature, check out our technical release notes and use this Install and Configure Guide to get started today.
