Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.
“VMware’s service defined firewall is significant because it leverages host and network context via AppDefense and NSX, respectively, to apply contextual, adaptive access control policies, hence the positioning of the offering as an internal versus external firewall” said Doug Cahill, group director and senior analyst with the Enterprise Strategy Group.
The product doesn’t require added software agents to do its job as many security packages do, VMware said.
It also lets organisations more easily enforce security policies without forcing traffic to go through a security appliance for scanning, VMware stated.
Using network-generated information to determine and verify the expected – or “known good” – behaviour of applications, the firewall’s Application Verification Cloud builds an accurate map of the good or normal state of the application. Any transactions outside that behaviour are then blocked.
Once a verified understanding of known good application behaviour is established, the system can generate security policies for the Service-defined Firewall that are layer 7 capable and can perform full stateful inspection, wrote Alex Berger product marketing manager with the networking and security business unit at VMware in a blog about the announcement.
The idea is to consistently allow an application’s known good behaviour across heterogenous workloads and private and public clouds, Burger stated.
“In today’s modern data centre, change is constant. A dynamic approach to segmentation allows customers to keep pace with change,” Cahill said.
“Applications are more distributed, deployed across multiple private and public clouds, using many different types of infrastructure and accessed from many different devices," said Rajiv Ramaswami, chief operating officer, products and services, VMware in a statement.
"Security sprawl – too many products, agents, and interfaces deployed across an organisation – creates complexity for security management.”
VMware’s strategy is to remove the complexity inherent with security today and deliver security that is intrinsic from endpoint to cloud, Ramaswami added.