VMware is delving deeper into the IT security segment with its recent announcement at RSA 2019, unveiling its Service-defined Firewall product. VMware will be competing with security giants Palo Alto Networks and Cisco, among others, to introduce the new offering that focuses on the internal network by validating good application behavior.
VMware is seeking to build on the unique aspects and characteristics embodied in its virtualization technology to replace integrated solutions with what it has termed “intrinsic security” vs. integrated security solutions. VMware seeks to focus on known “good assets” as opposed to scanning the universe for unknown threats.
VMware claims the new service can displace other solutions to become the “sole firewall solution for their internal needs.” They go one step further in an effort to build instant credibility for the Service-defined Firewall via the publication of a validation report from Verodin.
VMware’s Service-defined Firewall provides an agentless solution that can be deployed and utilized on bare metal, VM, and container-based environments in the cloud, on premises, or in hybrid cloud environments such as VMware Cloud on AWS. VMware advertises that this solution is a differentiator based on the following product characteristics:
VMware appears serious about this latest foray into the enterprise security space. VMware CEO Pat Gelsinger was quoted, “We're the company that makes [cloud infrastructure] okay for our customers, makes it more efficient, scalable, et cetera but we've never until the last couple of years really said, ‘Hey, we can now start changing the security dialogue in a fundamental way.’”
IT security and infrastructure leaders will need to carefully examine the purported capabilities in this new VMware offering before “jumping in” with both feet. Should this solution prove true to VMware’s lofty claims, organizations will have to carefully examine the implications from a cost, licensing, and business operating model approach. With most IT shops already experiencing increased costs due to being a captive customer of VMware’s virtualization technology, this new offering could serve to increase this vendor lock-in. Additionally, the convergence of network and security functionality will drive the CISO and CIO to work off the same page or risk falling behind in a world less tolerant of security breaches.