Let’s face it, the world of security has been very preoccupied. Between hardening the networks, and wresting to gain control over the exponential growth of mobile and remote access, security engineers have been busy. The boundaries of IT’s realm have blurred, making security around both these areas an ongoing challenge as hackers continue to innovate against your dynamic, distributed infrastructure landscape.
Enterprise mobile management (EMM) and the latest endpoint security technologies have enabled new levels of user flexibility while minimizing risk. And network virtualization solutions allow for unprecedented capabilities to detect and isolate problems behind the firewall.
But in a world where everything we do in IT, and in business, is driven by apps, it makes sense to adopt an app-centric approach to security.
The Challenges of Securing Data and Apps
Implementing security solutions that protect the business and its intellectual property – without becoming an obstacle to business agility or responsiveness – is the ultimate conundrum. Meanwhile, hacker approaches commonly target applications and systems, taking control of the OS or its processes, or hijacking process communications to achieve a nefarious result.
In the case of application security, there are two specific challenges that stand in the way.
Missing threats and chasing false alarms
Many existing endpoint security solutions offer up numerous false alarms, sending security teams on a manual hunt to track down non-existent threats. Meanwhile, other threats can go undetected…
Fast pace of change
Existing security solutions struggle to keep up with the speed of today’s modern applications – because they weren’t designed to. This means new apps launching and updating every day without the needed protections in place.
Protect Data and Applications with VMware AppDefense™
In addition to network and endpoint security solutions, you now have a weapon aimed at protecting your compute stack. VMware AppDefense is a data center endpoint security product that protects applications running in virtualized and cloud environments.
Understanding the Intended State
VMware AppDefense Architecture
AppDefense’s strength comes from VMware’s unique position to leverage information from the software-defined environment (i.e. the hypervisor) to create an understanding of your application’s context: What’s the intended purpose of this system or component? How is it behaving now? And what should be done if it’s not doing what it’s supposed to?
While it may sound like a simple concept, it’s enormously powerful. Rather than chasing down potential threats across your environment, or missing them altogether, you now have a way to confidently identify true and active threats, and to automate and orchestrate the most effective responses. Just like micro-segmentation for networking helps build in security from the ground up within the data center, AppDefense allows you to “architect in” security for your applications.
Automated threat responses
When a threat is detected, AppDefense can automatically initiate vSphere® and VMware NSX ® to orchestrate the correct response. This can include:
- Block process communication
- Snapshot an endpoint for forensic analysis
- Suspend an endpoint
- Shut down an endpoint
Protecting the Protector
Hackers are smart; their first objective is often to disable the antivirus or other security technology standing in their way. VMware has designed AppDefense to run in a protected environment within the hypervisor, ensuring that even if the application is compromised, AppDefense will continue to function unharmed.
A Trifecta of Security
Clearpath can help improve your security posture around networking, endpoints – and compute. VMware AppDefense is a straightforward, natural extension of the software-defined technologies you already have in place, giving you the power to shrink your attack surface and secure your apps in an automated way, whether on-premises or in the cloud.
Check out more posts in our Security Series, listed below: