The IT giant introduced a service-defined firewall

It will find application in data centers and the cloud.

Photo: Christian Colen, CC BY-SA

What is this technology

VMware has introduced a new firewall that protects the network at the application layer.

The infrastructure of a modern company is built on thousands of services joined into a common network, which widens the set of possible attack vectors. Classic firewalls protect against external attacks, but they are powerless once an attacker has already penetrated the network.

Cybersecurity specialists from Carbon Black say that in 59% of cases attackers do not stop at compromising one server. They look for vulnerabilities in the devices connected to it and "move" around the network in an effort to gain access to more data.

The new firewall uses machine learning algorithms to detect anomalous activity on the network and, in case of danger, notifies the administrator about it.

How it works

The firewall consists of two components: the NSX platform and the AppDefense threat detection system.

The AppDefense system is responsible for building a behavioral model of all applications running on the network. Machine learning algorithms analyze how the services operate and form a "white list" of the actions they perform. Information from VMware's own database, built from telemetry provided by the company's clients, is also used to compile the list.

This list serves as what VMware calls adaptive security policies: the firewall compares observed behavior against it to detect anomalies in the network. The system monitors the running applications and, if their behavior deviates from the model, sends a notification to the data center operator. Activity is monitored through VMware vSphere tools, so the new firewall does not require specialized software to be installed on each host.
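To make the learn-then-monitor loop described above concrete, here is an added illustration (not VMware's code and not how AppDefense is implemented): a learning phase turns per-host application telemetry into an allow-list of observed actions, and a monitoring phase compares new telemetry against that list and raises a notification for the operator on any deviation, without blocking anything. The event schema, host names and telemetry records are all constructed for the example.

```python
"""Toy behavioral allow-list: learn what each host's applications normally
do, then notify on deviations. Added example; schema and data are constructed."""

from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Event:
    """One observed network action reported by a host (constructed schema)."""
    host: str
    process: str
    dest: str
    port: int


# Allow-list: host -> set of (process, dest, port) tuples seen while learning.
AllowList = Dict[str, Set[Tuple[str, str, int]]]


def build_allow_list(learning_events: List[Event]) -> AllowList:
    """Learning phase: every action observed during learning is trusted."""
    allow: AllowList = defaultdict(set)
    for e in learning_events:
        allow[e.host].add((e.process, e.dest, e.port))
    return dict(allow)


def check_event(allow: AllowList, e: Event) -> Optional[str]:
    """Monitoring phase: return an alert string if the action deviates, else None.

    Distinguishes 'unknown process' from 'known process, new destination' so the
    operator gets a hint about what changed on the host."""
    known = allow.get(e.host, set())
    if (e.process, e.dest, e.port) in known:
        return None
    known_procs = {p for p, _, _ in known}
    kind = "unknown process" if e.process not in known_procs else "known process, new destination"
    return f"[{e.host}] {kind}: {e.process} -> {e.dest}:{e.port}"


def monitor(allow: AllowList, events: List[Event]) -> List[str]:
    """Run all events through the check and collect the notifications."""
    return [a for a in (check_event(allow, e) for e in events) if a]


# Constructed learning telemetry: a web tier talking to an app tier and its database.
LEARNING = [
    Event("web01", "nginx", "app01", 8080),
    Event("web01", "nginx", "app01", 8080),
    Event("app01", "java", "db01", 5432),
    Event("app01", "java", "cache01", 6379),
]

# Constructed monitoring telemetry: baseline traffic plus two deviations.
MONITORED = [
    Event("web01", "nginx", "app01", 8080),   # matches baseline
    Event("app01", "java", "db01", 5432),     # matches baseline
    Event("app01", "java", "web02", 22),      # known process, destination never seen
    Event("web01", "curl", "db01", 5432),     # process never seen on web01
]

if __name__ == "__main__":
    baseline = build_allow_list(LEARNING)
    for alert in monitor(baseline, MONITORED):
        # Like the firewall in the article, this only notifies; it does not block.
        print("NOTIFY operator:", alert)
```

The two alert kinds matter in practice: a known process reaching a new destination is the pattern a defender watches for during lateral movement, while a process that never appeared during learning points at something new running on the host. A real system would also age out stale entries and re-learn after legitimate deployments, which this example leaves out.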

NSX Data Center, for its part, is a platform for managing software-defined networks in the data center. Its task is to link the firewall components into a single system and reduce the cost of maintaining it. In particular, it allows the same security policies to be distributed across different cloud environments.

You can see the firewall in action in a video on the VMware YouTube channel.

Photo: USDA, PD

Opinions

The solution is not tied to the architecture or hardware of the target system, so it can be deployed on multi-cloud infrastructure. For example, representatives of IlliniCloud, which provides cloud services to government agencies, say the NSX system helps them balance network load and acts as a firewall across three geographically distant data centers.

IDC representatives say that the number of companies working with multi-cloud infrastructure is steadily increasing. Therefore, solutions that simplify management and protect distributed infrastructure (like NSX and the firewall built on it) will only gain popularity with customers.

Among the disadvantages of the new firewall, experts highlight the need to deploy software-defined networking, which not every company or data center is in a position to do. In addition, it is not yet known how a service-defined firewall will affect the performance of services and network bandwidth.

Also, VMware has only tested its product against the most common types of attacks (such as phishing). It is not clear how the system will perform in more complex cases like a process injection attack. At the same time, the new firewall cannot yet independently take measures to protect the network - it can only send notifications to the administrator.

Similar Solutions

Palo Alto Networks and Cisco are also developing next-generation firewalls that protect the network infrastructure along its entire perimeter. This level of protection is achieved through in-depth traffic analysis, intrusion prevention systems (IPS) and virtual private networks (VPN).

The first company has created a platform that secures the network environment through several specialized firewalls. Each of them protects a dedicated environment - there are solutions for mobile networks, the cloud and virtual machines.

The second IT giant offers hardware and software tools that analyze and filter traffic at the level of protocols and application functions. These tools let you configure security policies and use an integrated database of vulnerabilities and threats for specific applications.

More companies are expected to offer firewalls that protect networks at the service layer in the future.


Source: habr.com