Inside VMWorld’s 2021 Security Announcements


By: Andrew Braunberg

VMware (NYSE: VMW) this week made several announcements at VMworld that demonstrate progress in integrating technology from its many cybersecurity acquisitions into the company’s broader portfolio. When taken as a whole, they also imply a couple of longer-term strategies.

VMware has been talking about “intrinsic” security for a couple years now. The term is used chiefly to describe security that is instantiated as software, in the place of dedicated hardware, and that is integrated as standard components of virtualized infrastructure. The goal is to move away from traditional security solutions that are created as bolted-on afterthoughts. These products are inevitably built and deployed as standalone security silos. VMware continues to expand its security capabilities and is implementing intrinsic security across its broader portfolio. This includes work on endpoints, workloads, network, cloud, and identity.

Intrinsic security, according to VMware, is built into the virtualization layer, and therefore can provide native context awareness of applications and workloads and simplify policy management through unified policy and integrated workflows.

AppDefense, for example, delivers intrinsic security because it leverages VMware tools to deliver OS level and application inspection and control without the need for dedicated security agents on servers. Similarly, NSX provides micro-segmentation for east/west traffic within virtualized data centers as native functionality. But a large part of VMware’s security portfolio has come through acquisition.

Acquisitions Pay Off

This intrinsic security strategy has been augmented by several key recent security acquisitions by VMware. The most important of these was the 2019 acquisition of Carbon Black for just over $2B. Then last summer VMware acquired Lastline, a pioneer in anti-malware research and AI-powered network detection and response. Earlier this year, the company acquired Octarine, a developer of configuration and runtime protections for containers and Kubernetes; and Mesh7, an API security company. Surprisingly VMware announced last year that it would partner with Menlo Security to deliver most of the security services associated with its SASE solution.

VMware has obtained top tier threat intelligence expertise from Carbon Black and Lastline. The company currently sees more than a trillion security events per day. That’s a lot of data, and the company has a threat intelligence team that can fully leverage that data. The security acquisitions made so far this year demonstrate a continued commitment to filling technology gaps and, again, bringing in expertise in several areas of growing importance to VMware’s broader business strategy.

Carbon Black Workload has been integrated into both vSphere and VMware Cloud. Carbon Black has also been integrated with Workspace ONE, which now supports an advanced compliance engine capable of examining thousands of posture checks on devices, OSs, and apps.

Lastline’s anomaly detection technology has been integrated into NSX to allow tap-less inspection of traffic. VMware has also introduced the Tanzu Service Mesh Advanced edition, which among other things supports API security.

Set up for the SASE Space

VMware also made several announcements related to its Secure Access Service Edge (SASE) strategy. SASE is all the rage these days, but of course VMware had its own spin. The company introduced what is calling elastic application security edge (EASE) which “provides an elastic set of data plane services for networking, security, and observability.” The goal is to provide on demand scalability based on app demand surges.

VMware announced the availability of a new inline cloud access service broker (CASB) service. The offering builds on an existing partnership with Menlo Security, which also provides the technology for VMware’s SWG offering. VMware announced roadmap plans to add Data Loss Prevention (DLP) capabilities to the service, which would also leverage Menlo technology. VMware cannot, of course, buy itself into every market, but given the explosive growth of the SASE market and the fact that it lends itself so well to an intrinsic security philosophy, no doubt the company is wishing that it had gone the acquisition route with respect to core SASE security services.

Another interesting announcement involves a partnership with Intel (Nasdaq: INTC). The companies are working to create a direct link between the Intel vPro platform and VMware Workspace ONE to enable “automated out-of-band maintenance” with the goal of keeping PCs up to date with the latest security patches and policies. No date was given on when that work would be productized.

VMware’s comprehensive efforts and investments in cybersecurity appear to be paying dividends. Its investment in security tools and additional portfolio pieces have positioned it well for the increased demand for network cybersecurity overall, as well as trends such as Work from Anywhere (WFA). It also is coming to the SASE party at the right time, with a good mix of cybersecurity technologies.