VMware AppDefence Overview : Transforming Security through Virtualization

Datacenter security is one of the main concern for a company and it’s workloads. There are lots of security enhancements in the networks to protect your workloads from these security threats. VMware recently introduced VMware AppDefence as a datacenter endpoint security product that protects applications running in a Virtual environment.

VMware AppDefence primarily monitors the applications against their intended state and automatically respond to the deviated status indicating a threat.

Key Highlights of VMware AppDefence:

  • Simply, it’s datacenter endpoint security
  • Improve threat detection in SOC (Security Operations Center)
  • Automated Incident responses
  • Streamline Application Security reviews

Leveraging VMware AppDefence Delivers three main advantages over existing endpoint solutions:

  • Authoritative knowledge of application intended state: Within the VMware vSphere hypervisor AppDefence has the authoritative understanding how the endpoints are meant to behave in the normal operation. If there is a change AppDefence is the first to know the changes. It has contextual awareness to understand what is the actual threat
  • Automated, precise threat response: When there is a threat detected AppDefence will automatically trigger the the security operations along with the VMware NSX to prevent the security breach, these actions can be taken automatically:
    • Block process communication
    • Snapshot an endpoint for forensic analysis
    • Suspend an endpoint
    • Shut down an endpoint
  • Isolation from the attack surface: It does not allow Malware to stop the AppDefence even though the endpoint is compromised. Most of the Malware disable the security endpoints, Antivirus solutions after the infection

VMware AppDeffence does not produce lots of Alerts to the Security Operations Center and it takes automated responses to the threats. It helps SOC and Application engineering teams to streamline their security review processes.

Understanding VMware AppDefence: Tom Corn Perspective

References:

VMware NSX : NSX Manager Deployment

 

Software Defined Networking is playing a key role of the software defined datacenter technologies. Hope that you may already heard of VMware NSX and it’s features and use cases in a Software Defined Datacenter. VMware acquired the company called Nicira which helped to originate the Software Defined Networking in mid 2000s. After acquiring this company in 2012 VMware released the network Virtualization platform called NSX as a combination of VMware in house R&D projects and Nicira technologies.

That is the bit of history about this greatest technology and if you are interested there are lots of articles in the internet. I’m not writing this to bring you the history of the technology and I’m planing to discuss few articles of the NSX Configuration. So let’s start from the beginning. Read More

Fast Lane Support with MyVMware Mobile App – Overview of VMware BCS and MCS Support

 

If you are responsible for any running Mission critical or Business critical workloads in your VMware Virtual datacenter you better to have Fast Lane support with Mission Critical or Business Critical support from VMware. It reduces the amount of time for your support request escalation along with the¬†personalized reactive and proactive support services. It’s a separated subscription service and depend on the company requirement. I will discuss the features later in this post.

MyVMware Mobile App is a great tool to log High Priority support request without using your computer and web browser. You can download this app from itunes for your iPhone/iPad and Google play store for Android mobiles and tabs.

You need to have the corporate MyVMware account to operate this application. Once you installed the App on your device login using the corporate MyVMware username and password. Read More

A Server error occurred. [500] SSO error:null

 

Previously, I wrote a post about re-pointing the PSC and after a while I logged in to the same environment and I ended up with this error message on my screen. I was so frustrated as I have done few changes to this environment and thought something went wrong while I was doing these changes. See below error message that I received from my vCenter Server appliance.

So , I started to troubleshoot this issue. Simply it says check the vSphere Web Client logs for more details, that is the simplest way which we can start this. so I opened a ssh session to my vCenter server appliance and enabled the shell. I used below command to check the vSphere client log

Read More