Broadcom has announced new updates for VMware vDefend that help organizations improve security planning, simplify lifecycle management and scale security across application environments.
The new vDefend functionalities are aimed at strengthening lateral security within VMware Cloud Foundation (VCF). Umesh Mahajan, vice president and general manager of the Application Networking and Security Division at Broadcom, emphasizes the simplification made possible by vDefend. “The latest vDefend innovations further this efficiency by offering real-time security assessments, a next-generation security services platform to simplify operations, and micro-segmentation as code to further improve security operations.”
Improved security planning with Security Intelligence
Mahajan already mentioned the upgrades in passing, but one of the most important additions is the Security Segmentation Assessment and Report in the Security Intelligence tool. This function offers real-time insight into the so-called security segmentation status when implementing a zero trust private cloud. The tool analyzes network traffic to provide insights into the interaction between applications, identifies potential security problems and provides advice where necessary.
This assessment helps organizations to quickly roll out lateral security via the vDefend Distributed Firewall across all applications that are running. The Security Segmentation Assessment Report is available immediately as one of the Advanced Services for VCF.
Simplified security operations
In addition to the assessment tool, Broadcom is introducing several updates designed to simplify SecOps. An important part of this is the updated Security Services Platform (SSP). According to Broadcom, it is a scalable platform that brings together Security Intelligence and tools such as Network Detection & Response and Malware Prevention.
The new SSP architecture aim to streamline the user experience. This is achieved with a simplified network design, streamlined lifecycle management, a customized user profile for security administrators and simpler workflows for configuration and implementation. The improved scalability should ensure that visibility and the prevention of attacks automatically roll out to large VCF implementations.
Another addition is Micro-segmentation as Code. This function in vDefend Distributed Firewall promises an optimized approach for micro-segmentation, built into the hypervisor and applicable to every workload via an API-driven model. This connects to automation tools via an API.
For organizations with strict security requirements, there is an improvement in the Network Detection and Response functionality. This now supports mechanisms for the secure updating of threat intelligence in on-premises environments without having to make contact with the public internet.
External validation
Broadcom emphasizes the effectiveness of vDefend through external validation. The product recently received an AAA rating for Advanced Threat Prevention in the SE Labs Advanced Security Test Report. It will come as no surprise to anyone that this is the highest rating, which allows Broadcom to speak with confidence about a best-of-breed solution.
The results are also in line with this: a Forrester survey reports that vDefend users reduce their risk of cyber incidents by 40 percent, reduce security operation costs by 25 percent and avoid a 12 percent increase in cyber insurance premiums. In total, this amounts to an average 116 percent ROI for vDefend. We do hereby assume that the organizations that have had to spend more money on VMware since the Broadcom acquisition must reinvest the vDefend benefits.