VMware Presents at Security Field Day 3

Introduction to the VMware Service-Defined Firewall

Watch on YouTube
Watch on Vimeo

VMware Service-defined Firewall is an innovative approach to internal firewalling that reduces the attack surface for on-premises and cloud environments with security that is an intrinsic part of the infrastructure. The VMware Service- defined Firewall combines unprecedented application visibility and understanding of known good application behavior with intelligent, automated and adaptive firewalling capabilities to help better protect apps, data and users.

This solution works bare metal, VM and container-based application environments, and will support hybrid cloud environments such as VMware Cloud on AWS and AWS Outposts in the future. Enterprises can use this solution as their sole firewall solution for their internal needs.

Personnel: Dhruv Jain, Stijn Vanveerdeghem

VMware NSX Distributed Intrusion Detection & Prevention (IDS/IPS)

Watch on YouTube
Watch on Vimeo

VMware NSX Distributed IDS/IPS is an application-aware traffic inspection engine purpose built for analyzing internal east-west traffic and detecting lateral threat movements. The engine runs within the hypervisor to optimize packet inspection. NSX Distributed IDS/IPS combines industry-leading signature sets, protocol decoders and anomaly detection-based mechanisms to hunt for known and unknown attacks in the traffic flow. It also benefits from rich application context, driving lower false positive rates while incurring minimal computational overhead on the host.

Personnel: Dhruv Jain, Stijn Vanveerdeghem

VMware NSX Intelligence: Policy Creation & Microsegmentation Made Easy

Watch on YouTube
Watch on Vimeo

NSX Intelligence is a distributed analytics engine built natively into NSX-T that provides continuous data center-wide visibility for network and application security teams, helping them deliver a more granular and dynamic security posture, simplify compliance analysis, and streamline security operations. NSX Intelligence provides deep insight at the packet level into virtualized and containerized workloads, allowing for intuitive, highly automated network and security policy generation and enforcement.

NSX Intelligence helps eliminate blind spots to reduce security risk and accelerate security incident remediation through visualization and deep insight into every flow across the entire datacenter. Users gain holistic context for security troubleshooting and improve collaboration between infrastructure and security teams through a converged pane for security operations. Together with VMware vRealize Network Insight and NSX Intelligence, customers can gain comprehensive visibility, analytics and troubleshooting to improve network and security operations.

Personnel: Ray Budavari

VMware Introduction to the VMware NSX Web Application Firewall

Watch on YouTube
Watch on Vimeo

VMware’s Intelligent Web Application Firewall solution provides application security and networking teams with an elastic and analytics-driven solution that scales and simplifies policy customization and administration through central management.

The WAF solution gives administrators an important point of security enforcement and intelligence, protecting web applications from common vulnerabilities as identified by OWASP, such as SQL Injection (SQLi) and Cross-site Scripting (XSS), while providing the ability to customize the rule set for each application. It analyzes security rules that match a particular transaction and provides that insight in real-time as applications and attack patterns are learned. This application intelligence, paired with intuitive one-click rule customization, allows VMware’s WAF to sharply reduce false-positives.

Personnel: Ashish Shah