Security is an ever-changing domain, with threat actors continuously evolving their tools and tactics. No better example of this exists than the recent ESXiArgs ransomware attacks, which uses a variety of methods to breach systems and then deploy their ransomware payload. These attacks have highlighted important truths about protecting virtual infrastructure. Virtual infrastructure is a high-value target, precisely because organizations run their most important workloads there. It is incredibly important to design proactive security into environments, but also very important to react quickly to new threats. Organizations are recognizing the need to keep infrastructure components — virtual and otherwise – up to date and hardened against today’s threat landscape, just as they keep their workloads updated. VMware vSphere helps customers with all these challenges through:
- Built-in security capabilities that can be enabled easily for enhanced vSphere and workload security.
- VMware ESXi updates & upgrades with zero downtime for workloads using VMware vSphere vMotion, orchestrated with VMware vSphere Lifecycle Manager.
- VMware Ransomware Resource Center which offers tactics to help prevent, deter, and recover from attacks.
- VMware vSphere Security Configuration Guides that supply hardening guidance for vSphere, helping customers protect their environments.
- VMware Security Advisories that deliver proactive and transparent notifications of product security issues, so that threat actors never have an advantage over our customers.
At VMware we are dedicated to helping customers protect their businesses. One can associate nearly every feature in vSphere to one of the core tenets of information security – confidentiality, integrity, and availability – making vSphere a flexible choice for building secure hybrid virtual environments. One size does not fit all when it comes to security, and easy-to-use features let our customers choose how far they want to go when designing and operating secure environments, while keeping staff time commitments low:
- vSphere vMotion is the original workload availability tool, decoupling infrastructure maintenance activities from workload availability. Since 2005, patching of clustered ESXi hosts has meant no workload downtime. Enhancements in vSphere 7 and 8 have made vMotion capable of moving the largest and most intensive workloads gracefully.
- vSphere Lifecycle Manager makes system maintenance easy and deterministic, by allowing administrators to define how their hosts should look, applying that software configuration, and monitoring for unwanted changes. Lifecycle Manager uses vMotion and the vSphere Distributed Resource Scheduler to automate workload migrations during maintenance, allowing administrators to run safe and unattended patches of thousands of hosts.
- vSphere Identity Federation allows administrators to bridge their existing corporate identity providers to VMware products, enabling multifactor and two-factor authentication (MFA & 2FA). Authenticating with multiple factors helps protect against credential theft, a common threat vector.
- Support for confidential computing technologies like AMD SEV-ES and Intel SGX future-proof systems against hardware-level attacks. vSphere Trust Authority adds continuous monitoring of ESXi host trustworthiness, building on Secure Boot, TPM support, code signing, and host attestation.
- Native Key Provider, VM Encryption, and vSAN Data-at-Rest Encryption have made protecting data at rest an easy and rapid process that works seamlessly at the infrastructure level, while VM snapshots, clones, replication, High Availability, Fault Tolerance, and many more help workloads improve their own confidentiality, integrity, and availability.
Over the years we have built on the strong foundation of vSphere to help customers enable and secure their business. Looking forward, we know the threat landscape will continue to evolve, as will the needs of our customers. From technical enhancements to process guidance and education, we will continue to develop tools that help organizations accelerate innovations with vSphere while staying resilient to new and specialized threats, whether on-premises, in the cloud, or at the edge.