Oct 06 2021

VMworld 2021: Modern Security Must Be Built Directly into Multicloud Workloads

Known best for server virtualization, VMware stakes its claim as an original thinker on security.

VMware has not traditionally been known as a security company, but at VMworld 2021, it’s trying to change that. The company highlighted its approach to application and network security delivered across multiple cloud platforms.

Tom Gillis, senior vice president of VMware’s networking and advanced security business group, says the company handles 8.4 trillion security events per week, including foiling more than 1 million attempted ransomware attacks in the past 90 days, on behalf of the more than 30,000 customers using its security products.

“That’s an enormous amount of data,” Gillis said. “That matters, because if you can’t see it, you can’t stop it. We have access to this data because of who we are — we’re VMware. We have access to the largest workloads, the largest networks and the largest population of endpoints on the planet.”

Gillis said VMware’s approach to security is unique in the industry because it’s built to handle the way data flows through modern networks — replete as they are with widely distributed employees, vast numbers of corporate- and worker-owned endpoints, and an explosion of applications running on multiple clouds.

“In my view, the vast majority of security tools that most organizations are using were built for a different era, a time when work was a place you went to,” he said. “You’d sit at a desk and work at a stationary computer that was connected to the wall, and it in turn talked to the data center that was down the hall. Those times are long gone. Work is now a thing we do, and we do it on almost any device we can get our hands on. There’s been a proliferation of endpoints, and the applications we touch are running in the cloud.”

That means security needs to be built into applications and networks from the beginning, not bolted on. VMware’s security stack includes tapless network traffic analysis and Layer 7 firewalls that are built into the workloads themselves.

“From there, we’re able to install next-generation anti-virus, endpoint detection and response, vulnerability management, audit and remediation, and threat intelligence — all the services you need to ensure the integrity of your application, integrated into a single cloud-delivered offering,” Gillis said. “We integrated it into vSphere so that an administrator, when they go to launch a server, it’s literally as simple as, ‘Make sure this server is secure.’ Click. No agents to futz with, no configurations to set. All that is done.”

LEARN MORE: Get access to a wide range of cybersecurity solutions for your organizations.

How VMware Security Is Helping Enterprises

At Asklepios Group, a private sector hospital operator in Germany that treats more than 2 million patients each year at 170 facilities, digital transformation efforts are underway to modernize many aspects of the patient care experience, explained Daniel Maier-Johnson, the organization’s CISO.

“For example, we’re working to reduce patient documentation load” on staff, he said. “To do that, we need to supply the right people with patient information at the right time and in the right place.” Asklepios Group long ago created a virtual desktop infrastructure environment, enabling doctors and other clinicians to access patient data securely and remotely, even from home.

“We’re a favorite target of hackers,” Maier-Johnson said. Asklepios protects devices with VMware Carbon Black Endpoint Advanced.

“The biggest improvement we have seen is visibility. We can now see everything that’s happening on the critical endpoints,” he said. “Carbon Black permanently monitors 16,000 devices, and most of the time the IT team doesn’t have to lift a finger. The self-learning AI is quick to spot new patterns of attack and responds automatically.”

Rakesh Inamdar, vice president of global network infrastructure for Aon, a multinational professional services firm, deployed NSX, VMware’s network virtualization and security platform, as part of a data center modernization project that saw the company consolidate from 29 data centers in North America to just five.

“Our business wanted performance and capabilities similar to what you can get in a public cloud, but in a private cloud framework,” Inamdar said. Many of the results have been “mind-boggling,” he added: “It used to take three to four weeks to provision a server. It’s come down to days or hours.”

Security improved as well, because it was built into the workloads themselves. “We didn’t have this capability before. With NSX, we have a functioning Layer 7 firewall on every single host. All we had to do was assign tags and off we go,” he said. “No more writing firewall rules and no more decommissioning firewall rules.”

Follow all of our coverage during the conference here, or follow our coverage on Twitter at @BizTechMagazine.

Getty Images/ Lorado