News

VMworld 2021 Kicks Off with Security Blitz: Zero Trust, SASE, Ransomware Protection

• By David Ramel
• 10/05/2021

VMworld 2021 kicked off with a blitz of security-related announcements including developments in the company's "journey to Zero Trust," secure access service edge (SASE) improvements, new capabilities to fight ransomware and more.

For the latter, top of mind for many organizations weathering an ongoing deluge of ransomware attacks, the company provided updates on two fronts: initial protection and recovery after a successful attack.

While it might seem awkward that needing the second capability (recovery) could imply the first capability (protection) didn't work, that appears to be a fact of life for organizations facing down the wave of numerous ransomware attacks. How numerous? VMware said its security-focused Carbon Black Cloud records 1.2 trillion security events per day on average, and in a recent 90-day period helped stop more than 1 million ransomware attacks. It also quoted Cybersecurity Ventures research that found ransomware attacks businesses every 11 seconds, resulting in $20 billion in global damages this year.

"Ransomware is proving effective, pervasive and profitable," the company said in an Oct. 5 blog post. To ease the deployment of ransomware protection, the aforementioned VMware Carbon Black Cloud can now be enabled with a simple flick of a switch in VMware vCenter.

On the recovery side, the company announced rapid recovery capabilities in VMware Cloud Disaster Recovery. "Customers can utilize a deep history of immutable snapshots stored in an isolated cloud file system, instant VM power-on for iterative security evaluations, and powerful orchestration for highly automated testing, failover, and failback to recover end-to-end IT apps and data sets after a ransomware attack," the firm said.

The company also provided a full update on what's new for its Disaster Recovery-as-a-Servie (DRaaS) offering in regard to ransomware and other functionality, presented in detail here.

On that journey to Zero Trust mentioned above, which VMware is pursuing inside both clouds and datacenters by providing secure access to workloads, critical capabilities include:

• Workload identity with authoritative context
• Micro-segmentation with advanced east-west controls
• Workload and API security
• Cloud-to-cloud edge controls such as highly secure connectivity, fully distributed NDR and web security
• Workload-attached policies that can be automated and elastically scaled

Along with Zero Trust, SASE is another tool in the security arsenal that has been gaining in popularity. This rising star in the security space was coined by research firm Gartner, describing a way to simplify wide-area networking and security by delivering both of those as a cloud service directly to the source of connection instead of the enterprise datacenter, according to Wikipedia.

Virtualization & Cloud Review recently reported on a survey speaking to the embrace of SASE. The FireMon/Pulse Media survey indicated Zero Trust and SASE join other solutions in mitigating the ability of malware to spread across networks.

For its part, VMware introduced a new tool in its SASE arsenal, an inline cloud access service broker (CASB) service said to provide more app access visibility and control. "IT teams can more effectively apply role-based access policies to cloud-delivered apps and identify use or abuse of unsanctioned apps," the company said. "Forthcoming Data Loss Prevention (DLP) capabilities will help organizations better comply with HIPAA, GDPR, PCI and other data privacy laws by preventing sensitive data from leaving pre-defined environments."

VMware devoted a whole separate blog post to the evolution of SASE to support distributed workforces that organizations have switched to amid the ongoing pandemic. To help with that switch, the company published the VMware SASE Platform web site.

"SASE addresses many of the technical and security challenges SD-WAN introduced," the post says. "Gartner coined the term SASE and defines it as 'a security framework prescribing the conversions of security and network connectivity technologies into a single cloud-delivered platform to enable secure and fast cloud transformation.' SASE takes a combination of WAN edge services, such as SD-WAN, QoS and content delivery, along with edge security offerings, such as secure web gateway, ZTNA and encryption, to provide a secure, consistent user experience."

The following graphic illustrates how SASE addresses several business challenges and results in outcomes better than those achieved with legacy networking:

Speaking of the edge, VMware announced a new product portfolio designed just for it, aptly named VMware Edge.

"VMware Edge brings together products from across VMware that will enable organizations to run, manage and better secure edge-native apps across multiple clouds at both near edge and far edge locations. VMware Edge solutions are purposefully designed for edge-native apps and their unique performance and latency requirements."

The individual offerings making up the new portfolio include the just-discussed VMware SASE, all described by VMware like this:

• VMware Edge Compute Stack, a new purpose-built, integrated VM and container-based stack that will enable organizations to modernize and secure edge-native apps at the far edge. VMware Edge Compute Stack will be available in Standard, Advanced and Enterprise editions. VMware also has plans to develop a lightweight version of VMware Edge Compute Stack to provide an extremely thin edge for lightweight apps.
• VMware SASE combines SD-WAN capabilities with cloud-delivered security functions, including cloud web security, zero trust network access, and firewalling. These capabilities are delivered as-a-service across both the near and far edge locations from a global network of points of presence (PoPs).
• VMware Telco Cloud Platform has been delivering near edge solutions to the largest communication service providers in the world from their 4G/5G core all the way to the radio access network (RAN). By helping service providers modernize their network underlay, VMware enables them to deliver overlay edge services to their consumer and enterprise customers.

VMware Edge Compute Stack integrates with the ruggedized Dell EMC VxRail D Series, which is itself optimized for edge deployments, the firm said. "As the only HCI system co-engineered with VMware, Dell EMC VxRail provides an efficient and agile IT infrastructure that enables automated operations capable of stretching from datacenters to cloud and edge environments."

Of course, security-related concerns are found throughout the many online tech sessions presented at VMworld 2021, which ends Thursday. Also, many sessions are specifically devoted to security schemes, such as DevSecOps. You can see the whole agenda here.