New security solution for VMware software-defined data centre environments unveiled by ForeScout
Expanding on its existing technology collaboration with VMware, ForeScout’s data centre security solution will now provide enhanced security and compliance for organisations by discovering, classifying and assessing endpoints across traditional and software-defined data centres.
ForeScout will help VMware NSX® customers further improve security through consolidated visibility across virtual and physical infrastructures, reduced attack surface and enforced segmentation policies in heterogeneous environments.
“As enterprises shift from traditional to software-defined data centres, IT organisations are struggling to detect rogue, non-compliant, unmanaged virtual machines and devices,” said Michael DeCesare, president and CEO, ForeScout.
“While virtualisation and cloud solutions provide much needed flexibility, having comprehensive visibility in those environments is essential to preventing blind spots. ForeScout’s interoperability with VMware NSX is part of our broader strategy to help provide customers with visibility and control across their network infrastructure from the campus to data centre to cloud. You can only secure what you can see.”
As networks continue to evolve and organisations adopt IoT devices and virtualisation, cyberattacks can take advantage of any visibility and control gaps. If rogue, non-compliant, unapproved, zombie and orphan virtual machines go undetected, they can increase an organisation’s attack surface and open the door for hackers to exploit weak links, access shared resources, or move laterally across a network to obtain sensitive information.
As such, organisations need visibility across the network infrastructure to validate virtual machine and device properties as well as stronger security controls to prevent new attack vectors.
Security analysts leveraging ForeScout’s new data centre security solution for VMware will be able to maximise existing security investments to improve the following:
- Visibility: Improve visibility into software-defined data centres as virtual machines are created, moved, off-lined or retired. Validate virtual machine properties using a policy-based approach to help true-up asset inventories and configuration management databases (CMDB) with more up-to-date information about connected virtual machines and their associated properties.
- Compliance: Assist customers in adhering to security best practices and virtual machine hardening standards. Automate compliance checks to measure against standardised guidelines and initiate remediation actions to mitigate risk from non-compliant or rogue virtual machines.
- Resource optimisation: Help maximise capacity of virtual machine infrastructures and optimise utilisation by proactively identifying zombie and orphan virtual machines to reduce virtual machine sprawl and prevent unnecessary consumption of resources.
- Risk Mitigation and response: Verify security profile and posture of virtual machines and apply appropriate VMware NSX security tags to enforce segmentation policies, isolate non-compliant endpoints and facilitate remediation actions.
Earlier this year, ForeScout announced its security solution for Amazon Web Services (AWS) to enable visibility into cloud workloads. Now, working separately with both VMware and AWS, ForeScout provides consolidated visibility and consistent policy management across campus, private data centre and public cloud infrastructures.
Abhi Dugar, research director, Cloud and Enterprise Infrastructure and IoT Security, IDC, says: “Today’s enterprises are modernising their IT infrastructures and moving to hybrid and multi-cloud environments. However, security considerations continue to be a challenge as endpoints proliferate beyond laptops and physical servers to virtual machines, making it more critical than ever for enterprises to look at security solutions that can seamlessly extend from campus to data centre to the cloud.
A collaboration like ForeScout and VMware, which extends agentless visibility and control across traditional and software-defined data centres with the NSX technology, will be valuable to organisations looking to secure their heterogeneous infrastructures.”
Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus