VMware Service-Defined Firewall
Promote this Nomination
VMware Service-Defined Firewall
|Company (that provides the nominated product / solution / service)||VMware|
|Company size (employees)||10,000 or more|
|Type of solution||Software|
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
• Enterprises need a better way to defend the growing number of dynamic workloads—and, correspondingly, the large volumes of east-west (internal) network traffic—against cyberattacks. Traditional, appliance-based security solutions are no longer adequate to protect today’s applications, and perimeter firewalls designed for north-south traffic are ineffective at delivering the control and performance needed for dynamic workloads. Bolted-on security solutions can’t deliver the scalability, agility and cost effectiveness needed by today’s security teams.
VMware’s Service-defined Firewall is a distributed, scale-out internal firewall that protects all east-west traffic with security that’s intrinsic to the infrastructure, radically simplifying the security deployment model. It includes a distributed firewall, an intrusion detection and prevention system (IDS/IPS), and deep analytics. With the VMware Service-defined Firewall, security teams can protect their organizations from internal threats and minimize damage from cyberattacks that make it past the traditional network perimeter. Its key differentiating capabilities include:
• Distributed, granular enforcement: The Service-defined Firewall provides distributed and granular enforcement of security policies to deliver protection and control down to the workload level.
• Scalability and throughput: Because it’s distributed, the Service-defined Firewall is elastic, with the ability to autoscale as workloads spin up or down.
• Intra-application visibility: The Service-defined Firewall automatically determines the communication patterns between workloads and microservices, makes security policy recommendations based on those patterns, and checks that traffic flows conform to deployed policies.
• Declarative API: With the Service-defined Firewall, security teams can move at the speed of development to deliver a true public cloud experience on premises. The API-driven, object-based policy
With these capabilities, customers can deploy network segments rapidly to get the speed and flexibility needed to quickly create and reconfigure network segments, virtual security zones or partner domains by defining them entirely in software. The Service-defined Firewall also allows users to prevent lateral movement of attacks by extending east-west security with stateful Layer 7 firewalling, including AppID and UserID-based policies, as well as advanced threat protection. VMware’s solution also enables customers to meet regulatory requirements via its inspection of all traffic, which provides complete coverage to eliminate blind spots with a distributed IDS/IPS delivered in-software. Finally, customers can also easily create, enforce, and automatically manage granular micro-segmentation policies between applications, services and workloads across multi-cloud environments to achieve zero trust.