“VMware as a security specialist, am I reading that correctly?” Yes, but we won’t blame you if you didn’t know that or don’t know the key assets. With Carbon Black, VMware has added a top product to its ranks that combines years of expertise with the latest technology.
VMware is not a new player when it comes to intrinsic security. Anyone who looks at vSphere today knows that virtual machines are always protected by the most secure hypervisor possible. VMware did not have a specific security portfolio in recent years, but that does not mean that security expertise was lacking.
With the acquisition of Carbon Black in mid-2019, VMware gained significant experience in securing modern applications and infrastructure via cloud-native endpoint security. This move was important for VMware to establish itself further as a security expert. Carbon Black retains its name within the VMware portfolio and has collected a tremendous amount of telemetry data across all VMware products within the last two years. This data makes Carbon Black a top product in the security world today, allowing VMware to stand unabashedly on equal footing with any other security specialist.
Another security player?
We can hear you thinking: “Hooray, another security player on the market to take into account.” Today, the market offer is very large, and many players have been specialising in this field for decades. VMware too, but not explicitly at the front with specific products in its portfolio. With Carbon Black, everything is concretised into a clear proposition.
Since security is not new, every organisation is already running one or more solutions today. Double security is allowed and often desirable. For organisations that are already VMware customers, it’s worth trying out one component of Carbon Black. It all fits natively into the VMware environment, which means that the IT team already has one less dashboard to keep an eye on.
Carbon Black adds a great deal of expertise in security within VMware. “Few companies do not have an antivirus, but this is the next step,” emphasises Thierry Vandenberghe, Technical Consultant at Tech Data. “Carbon Black doesn’t only look at virus signatures to know what is dangerous. It also looks at the behaviour across all components.”
He is referring to the Zero Trust story, an important security trend that more and more companies are embracing. According to Thierry, this makes sense. “It goes beyond just a virus. If your PC always does one thing and suddenly something else happens, a hacker may be active. Carbon Black detects such things. That way, you can stop or isolate dangerous zero-day attacks.”
Thanks to the security suite, a potentially infected device is immediately quarantined to prevent worse. Traditional solutions do not analyse what is happening broadly across the entire IT infrastructure, so they cannot make the connection. Sometimes one action may not seem harmful, but in combination with additional telemetry data from other infrastructures, an intervention may be desirable.
“Zero trust across the entire infrastructure is also important for a SOC (Security Operations Centre) in large companies. They can trace what is happening and put things in quarantine immediately. Carbon Black also looks at the behaviour of the attack, which makes it possible to counter zero-day attacks,” says Thierry.
NSX and vSphere
Thanks to VMware’s broad portfolio, you can go much wider than with traditional vendors. For example, there is NSX for intrusion prevention, an important security component in any organisation. “NSX covers everything in terms of network security for a lot of companies,” says Thierry. In virtually all situations, you no longer need a traditional firewall solution, which saves money.
He again cites the example of vSphere, an old VMware product where security has been important since the beginning. “Today, intrinsic security is present throughout the entire VMware portfolio. This is logical because security is a top priority within virtualization and the cloud, regardless of whether the cloud is public, hybrid or private.” He emphasises that a cloud environment is easy-to-use, but at the same time, it’s a bad world where it’s not so obvious that crooks or criminals are on the street. “There are a lot more shady characters in the cloud. You just don’t see them.”
Since the acquisition of Carbon Black in 2019, VMware has been working very hard to harmonise the solution within the current ecosystem. “Only since mid-2020 have the SKUs been adjusted, and Carbon Black’s old partnerships have also migrated to VMware partners,” emphasises Thierry. “It is now up to the partners to train the necessary competencies to be able to offer Carbon Black.”
On its own, Carbon Black is a solid security product, but it’s a dime a dozen. You will really benefit from it within a VMware stack as a primary or secondary security solution. It also gives IT teams within organisations a better overview. As of today, there are no native bundle benefits with Workspace ONE, for example, but as a partner you can combine Carbon Black in one deal with other VMware components for additional benefit. “You will have to wait a little bit longer for a joint offer with Carbon Black,” concludes Thierry.