Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Does VMware AppDefense protect hybrid environments?

The VMware AppDefense network security product uses Security Management proxies to protect on-premises and public cloud workloads at the application layer.

VMware AppDefense will protect both on-premises and public cloud workloads, which enables organizations to apply...

AppDefense to hybrid environments. AppDefense is a managed cloud-based SaaS application. It's well-suited for protecting VM workloads in a public cloud, such as VMware Cloud on AWS, by design. But AppDefense also deploys a Security Management proxy as an on-premises appliance to protect on-premises VM workloads. This on-premises proxy interfaces with the AppDefense service in the cloud. A similar proxy -- also present in the cloud -- isolates the Security Manager service from the actual cloud infrastructure, guarding it against attack.

AppDefense is a relatively new product that requires vSphere and vCenter for on-premises operation. However, it does not implement any kind of automated remediation or provisioning for on-premises security. An enterprise will need to deploy additional VMware tools, including NSX and vRealize Automation, to execute the kind of automation and remediation capabilities found in the cloud-based service.

It's too early to tell whether AppDefense will eventually support other, non-VMware hypervisors or bare-metal workloads on premises, but it's possible that future releases of AppDefense will build support for other hypervisors and tools. In addition, a security service like AppDefense depends on reliable WAN connectivity. Any disruption in WAN connectivity can cause the AppDefense service -- as well as other public cloud infrastructure -- to become unavailable. It remains unclear exactly how connectivity problems will affect an on-premises proxy or overall application security under AppDefense.

All of this means that potential adopters will need to apply due diligence and perform proof-of-concept projects to verify the suitability and performance of AppDefense for their specific on-premises and public cloud workloads before they apply it to a hybrid environment.

The rapid evolution of security threats and high-profile security breaches has organizations scrambling to strengthen postures without imposing onerous new tools with more complexity. This can require a shift in the way that organizations handle security -- replacing traditional alert logging and manual interventions with a far more automated and orchestrated approach. VMware AppDefense is one emerging service intended to protect applications at the application layer by understanding how they work normally, watching for disparities and automatically orchestrating actions to contain and remediate any events.

This was last published in November 2017

Dig Deeper on Using monitoring and performance tools with VMware

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you think AppDefense is better suited for cloud or on-premises workloads, and why?
Cancel

-ADS BY GOOGLE

SearchServerVirtualization

SearchVirtualDesktop

SearchDataCenter

SearchCloudComputing

Close