As we talked in the last two articles, VMware announced some amazing new features during VMworld. One of the first I want to talk about was already announced before VMworld. The acquisition of Carbon Black. This acquisition came kinda out of the blue. We all knew the whole Workspace suite was still missing a Security / Anti Malware solution and with the addition of Carbon Black, this circle is full now.
Carbon Black
So what is Carbon Black you might ask? It’s an Endpoint Protection Platform (EPP) but more. The CB Predictive Security Cloud consolidates security and provides you with what you need to secure your endpoints, using a single lightweight agent.
- Predict and prevent attacks never seen before – by looking at unfiltered endpoint data, not just threat-related data – we can see threats that may have never been identified before.
- Focus and prioritize security efforts – customers can protect themselves from developing attacks that haven’t hit them yet, and we prioritize security issues that need to be fixed first.
- Security that outpaces the attackers – our cloud-deployed technology lets us innovate fast to address new threats as they arrive, without requiring complex IT deployments.
- Leverage the value of your entire security stack – Open APIs let customers integrate their other security investments such as network security to help detect more threats and respond to issues faster.
Right now, the Carbon Black’s system works by watching the activity on all the systems and devices its clients are running, capturing an immense among of data from them, then processing that information through an analytics engine to eke out attack trends to better protect its clients. If data from Carbon Black’s customer base of 6,500 can provide a good basis for protecting users from attacks, the thinking goes, what can data from 500,000 do?
Now imagine that this solution is integrated into VMware NSX. Giving the solution the means to isolate threads on a virtual network level before it hits the virtual machine? Protecting your identity information on VMware Workspace ONE Access. Detecting issues before your logon process is completed.
Those are just a few examples of what could go wrong but Carbon Black adds a layer of security that will make you feel more comfortable with your platform making it secure as possible. A lot of customers I spoke with as a consultant from ITQ were facing this security challenge. They all like the VMware ecosystem for EUC but it was still missing that perfectly integrated security system. Having to go through multiple presentations of all those available vendors. Each having different options that do integrate with A but not B but just not how it should! Now that search is over! I think the addition of Carbon Black to the Workspace ecosystem will save you the search for that solution and you will get the most out of it with all integrations.
Beyond these core capabilities, the joint solution adds four unique, benefits:
- Reduces mean time to resolution for alert triage, leveraging application context from AppDefense in CB Defense for VMware alerts.
- Provides highly precise and automated remediation with orchestrated remediation that triggers off of AppDefense or CB Defense for VMware alerts and takes actions through both systems.
- Ensures standardized security controls in the data center by providing an unmanaged assets view that looks across CB Defense for VMware and AppDefense pointing out any system not covered.
- Allows you to work from the console of your choice, including your SIEM.
NOTES:
- The new solution will be generally available from Carbon Black in VMware’s Q4 FY 2019, which ends on February 3, 2020.
- The relationship also includes a joint resell relationship. Both VMware and Carbon Black will offer a joint solution.
- VMware and Carbon Black will soon be kicking off a 15-city tour to give enterprises a firsthand look at the new solution.
