Datacenter security is one of the main concern for a company and it’s workloads. There are lots of security enhancements in the networks to protect your workloads from these security threats. VMware recently introduced VMware AppDefence as a datacenter endpoint security product that protects applications running in a Virtual environment.
VMware AppDefence primarily monitors the applications against their intended state and automatically respond to the deviated status indicating a threat.
Key Highlights of VMware AppDefence:
- Simply, it’s datacenter endpoint security
- Improve threat detection in SOC (Security Operations Center)
- Automated Incident responses
- Streamline Application Security reviews
Leveraging VMware AppDefence Delivers three main advantages over existing endpoint solutions:
- Authoritative knowledge of application intended state: Within the VMware vSphere hypervisor AppDefence has the authoritative understanding how the endpoints are meant to behave in the normal operation. If there is a change AppDefence is the first to know the changes. It has contextual awareness to understand what is the actual threat
- Automated, precise threat response: When there is a threat detected AppDefence will automatically trigger the the security operations along with the VMware NSX to prevent the security breach, these actions can be taken automatically:
- Block process communication
- Snapshot an endpoint for forensic analysis
- Suspend an endpoint
- Shut down an endpoint
- Isolation from the attack surface: It does not allow Malware to stop the AppDefence even though the endpoint is compromised. Most of the Malware disable the security endpoints, Antivirus solutions after the infection
VMware AppDeffence does not produce lots of Alerts to the Security Operations Center and it takes automated responses to the threats. It helps SOC and Application engineering teams to streamline their security review processes.
Understanding VMware AppDefence: Tom Corn Perspective