VMware Unveils Security Enhancements in Virtual Cloud Network Offering

On the second day of its 2019 VMworld conference, VMware unveiled a series of new and enhanced network and security capabilities for the company’s Virtual Cloud Network offering.

Virtual cloud networking provides a software-defined network that can connect apps and data across an organization’s data center, cloud and edge infrastructure. VMware says 13,000 customers, including 88 of the Fortune 100 and eight of the top 10 telecoms firms, use its Virtual Cloud Network solutions. The offering is built on NSX technology and it includes several products.

VMware announced on Tuesday the introduction of the NSX Advanced Load Balancer, which includes a software load balancer and an intelligent web application firewall that can be dispatched to cloud applications running on virtual machines (VMs), containers or bare metal servers.

The company also unveiled the 2.5 release of its NSX-T network and security platform. The latest NSX-T release includes a Native Cloud Enforcement mode designed to allow organizations to increase protection for public cloud workloads, the ability to apply Layer 7 application ID-based or context-aware rules to the NSX edge firewall for north-south traffic, packet mirroring for east-west traffic monitoring, VPN enhancements for multi-tenancy, and FIPS 140-2 compliance.

The crown jewel of NSX-T 2.5, as VMware describes it, is NSX Intelligence, a distributed analytics engine that provides continuous visibility for network and application security teams.

“Traditional approaches involve sending extensive packet data and telemetry to multiple disparate centralized engines for analysis, which increase cost, operational complexity, and limit the depth of analytics. In contrast, NSX Intelligence, built natively within the NSX platform, distributes the analytics within the hypervisor on each host, sending back relevant meta-data to a scale-out, lightweight appliance for visualization, reporting and building machine-learning models,” explained VMware’s Umesh Mahajan.

Mahajan added, “Combining the deep workload and network context unique to NSX, the engine provides detailed application topology visualization, automated security policy recommendations, continuous monitoring of every flow, and an audit trail of security policies, all built into the NSX management console for a single-pane-of-glass experience.”

VMware has published a blog post describing all the improvements in NSX-T 2.5.

Related: VMWare to Acquire Endpoint Security Firm Carbon Black

Related: New VMware Firewall Focuses on Known Good Behavior

view counter

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Previous Columns by Eduard Kovacs: