VMware AppDefense will protect both on-premises and public cloud workloads, which enables organizations to apply...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
AppDefense to hybrid environments. AppDefense is a managed cloud-based SaaS application. It's well-suited for protecting VM workloads in a public cloud, such as VMware Cloud on AWS, by design. But AppDefense also deploys a Security Management proxy as an on-premises appliance to protect on-premises VM workloads. This on-premises proxy interfaces with the AppDefense service in the cloud. A similar proxy -- also present in the cloud -- isolates the Security Manager service from the actual cloud infrastructure, guarding it against attack.
AppDefense is a relatively new product that requires vSphere and vCenter for on-premises operation. However, it does not implement any kind of automated remediation or provisioning for on-premises security. An enterprise will need to deploy additional VMware tools, including NSX and vRealize Automation, to execute the kind of automation and remediation capabilities found in the cloud-based service.
It's too early to tell whether AppDefense will eventually support other, non-VMware hypervisors or bare-metal workloads on premises, but it's possible that future releases of AppDefense will build support for other hypervisors and tools. In addition, a security service like AppDefense depends on reliable WAN connectivity. Any disruption in WAN connectivity can cause the AppDefense service -- as well as other public cloud infrastructure -- to become unavailable. It remains unclear exactly how connectivity problems will affect an on-premises proxy or overall application security under AppDefense.
All of this means that potential adopters will need to apply due diligence and perform proof-of-concept projects to verify the suitability and performance of AppDefense for their specific on-premises and public cloud workloads before they apply it to a hybrid environment.
The rapid evolution of security threats and high-profile security breaches has organizations scrambling to strengthen postures without imposing onerous new tools with more complexity. This can require a shift in the way that organizations handle security -- replacing traditional alert logging and manual interventions with a far more automated and orchestrated approach. VMware AppDefense is one emerging service intended to protect applications at the application layer by understanding how they work normally, watching for disparities and automatically orchestrating actions to contain and remediate any events.
Dig Deeper on Using monitoring and performance tools with VMware
Related Q&A from Stephen J. Bigelow
VMware VIC security features, like isolation and user authentication, can improve enterprise container security so long as proper configuration and ...continue reading
VSphere Integrated Containers uses a combination of VIC engine, Project Harbor, Project Admiral and Photon OS to handle container provisioning, ...continue reading
OpenStack scheduled numerous hypervisors for deprecation in 2014's OpenStack Icehouse, but no others are scheduled for future releases, up to and ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.