VMware Launches Multiple Projects to Integrate Network and Security Ops

At the VMware Explore conference this week, VMware previewed multiple initiatives to more tightly integrate security and network operations teams.

At the core of that effort is Project Northstar, a software-as-a-service platform for managing instances of VMware NSX virtual networking software. Capabilities include network and security policy management, network detection and response (NDR), network visibility and analytics, advanced load balancing and workload mobility across multiple clouds.

At the same time, the Project Watch initiative promises to make it simpler to apply policy controls to applications running on multiple clouds, while Project Trinidad will enable IT teams to deploy sensors on Kubernetes clusters to analyze metrics using machine learning algorithms to detect anomalous behavior in east-west traffic between microservices.

Under an early access program, the company is also making available an update to the Carbon Black Cloud endpoint protection platform that extends the visibility provided by the security platform to the network attached to an endpoint.

In addition, VMware NSX Gateway Firewall has been updated to improve overall throughput and add intrusion detection and prevention, malware analysis, sandboxing, URL filtering, TLS proxy, stateful firewall and stateful network address translation (NAT) capabilities, while VMware NSX Advanced Load Balancer has been updated to add bot management capabilities and other enhancements to its web application firewall, malware detection, security analytics and distributed denial-of-service (DDoS) protection capabilities.

VMware also is adding web proxy-based connectivity to VMware Cloud Web Security to its secure access service edge (SASE) platform. Finally, the latest update to VMware NSX 4.0 and VMware vSphere 8 makes it possible to offload processing to data processing units (DPUs), also known as smart network interface cards (SmartNICs).

Pere Monclus, CTO for the network security business unit at VMware, said the company is pursuing a two-pronged approach to melding networking and security operations. One approach relies on legacy methods of securing IT environments using, for example, network firewalls and the network detection and response capabilities gained via the acquisition of Lastline in 2020; the alternative approach is based on securing API endpoints. Eventually, those two approaches will converge to improve the overall state of IT security, he added.

The biggest challenge, of course, is the longstanding divide between cybersecurity teams, IT operations staff and application developers, said Monclus. It may take years to bridge that divide, but cybersecurity will gradually improve as more integration across security platforms is achieved, he noted.

In the meantime, the responsibility for managing security operations is continuing to shift toward IT operations and application development teams, in part to compensate for the chronic shortage of cybersecurity professionals. As that transition continues, more security processes will simultaneously become automated. That shift won’t reduce the need for cybersecurity professionals as much as it will free them up to create policies and investigate the increasing number of sophisticated cybersecurity threats.

Of course, not every organization has standardized on a network virtualization platform to achieve that goal. One way or another, though, the rate at which networking and security operations will converge is only going to accelerate in the years ahead.

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.