VMware Service-defined Firewall works in bare-metal, VM, container environments and supports hybrid cloud.

VMware has taken the wraps off a firewall it says protects enterprise applications and data inside data centers or clouds.

Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.

“VMware’s service defined firewall is significant because it leverages host and network context via AppDefense and NSX, respectively, to apply contextual, adaptive access control policies, hence the positioning of the offering as an internal versus external firewall,” said Doug Cahill, Group Director and Senior Analyst with the Enterprise Strategy Group.

The product doesn’t require added software agents to do its job, as many security packages do, VMware said. It also lets organizations more easily enforce security policies without forcing traffic to go through a security appliance for scanning, VMware stated.

The firewall works in bare metal, virtual-machine and container-based application environments, and will support hybrid cloud settings such as VMware Cloud on AWS and, down the road, AWS Outposts.

Using network-generated information to determine and verify the expected – or “known good” – behavior of applications, the firewall’s Application Verification Cloud builds an accurate map of the good or normal state of the application. Any transactions outside that behavior are then blocked.
Once a verified understanding of known good application behavior is established, the system can generate security policies for the Service-defined Firewall that are layer 7 capable and can perform full stateful inspection, wrote Alex Berger, product marketing manager with the Networking & Security business unit at VMware, in a blog about the announcement. The idea is to consistently allow an application’s known good behavior across heterogeneous workloads and private and public clouds, Berger stated.

“In today’s modern data center, change is constant. A dynamic approach to segmentation allows customers to keep pace with change,” Cahill said.

“Applications are more distributed, deployed across multiple private and public clouds, using many different types of infrastructure and accessed from many different devices,” said Rajiv Ramaswami, chief operating officer, products and services, VMware, in a statement. “Security sprawl – too many products, agents, and interfaces deployed across an organization – creates complexity for security management.”

VMware’s strategy is to remove the complexity inherent with security today and deliver security that is intrinsic from endpoint to cloud, Ramaswami stated.