“In my view, the vast majority of security tools that most organizations are using were built for a different era, a time when work was a place you went to,” he said. “You’d sit at a desk and work at a stationary computer that was connected to the wall, and it in turn talked to the data center that was down the hall. Those times are long gone. Work is now a thing we do, and we do it on almost any device we can get our hands on. There’s been a proliferation of endpoints, and the applications we touch are running in the cloud.”
That means security needs to be built into applications and networks from the beginning, not bolted on. VMware’s security stack includes tapless network traffic analysis and Layer 7 firewalls that are built into the workloads themselves.
“From there, we’re able to install next-generation anti-virus, endpoint detection and response, vulnerability management, audit and remediation, and threat intelligence — all the services you need to ensure the integrity of your application, integrated into a single cloud-delivered offering,” Gillis said. “We integrated it into vSphere so that an administrator, when they go to launch a server, it’s literally as simple as, ‘Make sure this server is secure.’ Click. No agents to futz with, no configurations to set. All that is done.”
How VMware Security Is Helping Enterprises
At Asklepios Group, a private sector hospital operator in Germany that treats more than 2 million patients each year at 170 facilities, digital transformation efforts are underway to modernize many aspects of the patient care experience, explained Daniel Maier-Johnson, the organization’s CISO.
“For example, we’re working to reduce patient documentation load” on staff, he said. “To do that, we need to supply the right people with patient information at the right time and in the right place.” Asklepios Group long ago created a virtual desktop infrastructure environment, enabling doctors and other clinicians to access patient data securely and remotely, even from home.
“We’re a favorite target of hackers,” Maier-Johnson said. Asklepios protects devices with VMware Carbon Black Endpoint Advanced.
“The biggest improvement we have seen is visibility. We can now see everything that’s happening on the critical endpoints,” he said. “Carbon Black permanently monitors 16,000 devices, and most of the time the IT team doesn’t have to lift a finger. The self-learning AI is quick to spot new patterns of attack and responds automatically.”
Rakesh Inamdar, vice president of global network infrastructure for Aon, a multinational professional services firm, deployed NSX, VMware’s network virtualization and security platform, as part of a data center modernization project that saw the company consolidate from 29 data centers in North America to just five.
“Our business wanted performance and capabilities similar to what you can get in a public cloud, but in a private cloud framework,” Inamdar said. Many of the results have been “mind-boggling,” he added: “It used to take three to four weeks to provision a server. It’s come down to days or hours.”
Security improved as well, because it was built into the workloads themselves. “We didn’t have this capability before. With NSX, we have a functioning Layer 7 firewall on every single host. All we had to do was assign tags and off we go,” he said. “No more writing firewall rules and no more decommissioning firewall rules.”