VMware has added more security features to its forthcoming on-demand multi-cloud networking and security service called Northstar that it previewed during its VMware Explore 2022 conference.
VMware said then that Northstar will provide a central console for turning up networking and security services across private clouds and VMware Cloud deployments that run on public clouds. It will include VMware services such as Network Detection and Response, NSX Intelligence, advanced load balancing and Web Application Firewall.
Within Northstar, Network Detection and Response support will provide scalable threat detection and response for workloads deployed in private and/or public clouds.
The vendor said it is adding support for its Hybrid Cloud Extension (HCX) software. The extension, known as HCX+, will let customers move workloads between multiple on-premises environments as well as VMware Cloud on Amazon Web Services (AWS), Google Cloud, Microsoft Azure and others.
“The role of HDX+ is to facilitate workload migration, and within Northstar that will let customers, for example, move workloads from thousands of VMs in their private cloud to a public cloud,” said Tom Gillis, senior vice president and general manager at VMware.
“And since we can look into the application layer of all these workloads we can apply unique security analytics that can identify the East-West or the collateral or movement of an attack. These days, that's the name of the game.
“Because we're constantly changing and updating the algorithms, security and policy are always up-to-date, and since we’ll be seeing everybody's traffic we can do global correlation across the entire spectrum of workloads regardless of where they are running."
Northstar is expected to launch possibly next year.
VMware also announced VMware Carbon Black XDR to bolster threat detection and attack prevention across endpoints and networks. Carbon Black is VMware’s endpoint, container, and application-workload security platform that has tight integration across VMware’s family of products.
Extended detection and response (XDR) centrally gathers and analyses security information from a variety of sources to more quickly respond to threats and establish core enterprise-wide security policies.
Carbon Black XDR will do that by utilising VMware’s Contexa threat intelligence database which the vendor says records and processes over 1.5 trillion endpoint events and over 10 billion network flows daily.
Contexa and Carbon Black's knowledge of applications combined with NSX's network intelligence can help security teams identify threats and inform decisions about policies to block them, Gillis said.
The goal is to improve lateral security for traditional and modern applications by enabling inspection of each endpoint, packet, and process across their environment, Gillis said. VMware Carbon Black XDR is available in early access to select customers.