VMware delivers security as a built-in distributed service across all control points of users

Raghuram Krishnan
Director Partner Sales-India, VMware

Protection against cybercrime

Cybersecurity has multiple facets and most enterprises defend themselves with a strategy around Identifying Risk, Prevention and Detection, Respond and Remediation of Attacks. Cybersecurity is a team-game and starts with educating every individual within an organization on cyber hygiene, aligning business goals of organizations to cyber priorities, identifying vulnerabilities and patching them and responding to cyber-attacks. Triad of People, Process and Technology plays a very critical role when it comes to protection against cybercrime. VMware protects its own and customers’ IT assets by delivering security as a built-in distributed service across all control points of users, devices, workloads, networks and clouds. We implement Zero Trust Security Model with fewer tools and silos, and scale our threat response ability with confidence, speed, and accuracy using granular visibility of IT assets and threat landscape. By reimagining cybersecurity as a built-in service, instead of bolted-on agent based service, customers can reduce their attack surface to mitigate security risk, ensure compliance and simplify security operations in a cost-efficient manner.

Solutions to prevent Distributed DoS attacks (DDoS)

VMware NSX Advanced Load Balancer (NSX ALB) protects and mitigates against DDoS attacks by identifying threats, informing admins and automatically protecting against these attacks. Some of the features that are used to accomplish this are TCP SYN Flooding Protection, HTTP DDoS Protection, URL filtering, Connection Rate Limiting per Client, Connection Rate Limiting per User Defined Clients, Limiting Max Throughput / Max Concurrent Connections per Virtual Service (VS) and Limiting Max Concurrent Connections per Server. In addition, NSX ALB’s elastic application services enable on-demand autoscaling of services during an attack giving administrators much needed time to work on mitigating the attack while maintaining quality of service.

Approach to the current situation 

VMware lays out a journey to Zero Trust with fewer tools and silos, better context and distributed security model that is built-in and distributed with four major control points – users, networks, endpoints, and workloads. It provides organizations with security capabilities that evolves with their security needs and supports their long-term IT and InfoSec strategies. These capabilities help in securing remote user access to corporate applications using SASE, protecting employee devices against vulnerabilities with automated patching using Workspace ONE & Carbon Black NGAV/EDR, preventing cloud configuration drifts using vRealize Automation SaltStack Config, securing VM / Container workloads using Carbon Black Workload Protection, securing containerized microservices communication using Tanzu Service Mesh and minimizing attack impact with east-west protection using NSX Firewall and Advanced Threat Prevention and NDR capabilities.