Why VMware thinks you’ve got app security all wrong

How software-defined networking could help secure apps without the headache

Virtualising the network can ease the "root canal" pain of app security, according to VMware.

Instead of separately securing each and every app instance running on your infrastructure, the virtualisation specialist is encouraging IT teams to take a different approach using a software-defined network to define security settings for a whole slew of apps at once.

Advertisement - Article continues below

The latest version of VMware's network virtualisation product announced at VMworld 2015 this week, NSX 6.2, introduces this concept of network encryption.

Apps have become such a common part of IT infrastructure they are a distributed system in their own right, said Martin Casado, chief networking architect, with instances appearing all over the network.

As a result, this makes securing them individually a headache, and their distributed nature leaves IT with little visibility into where problems originate.

"Consider troubleshooting. Two words: root canal," he said at VMworld 2015 in San Francisco this week. "If the user has a problem you get a call, and without end-to-end visibility it's very difficult to know what's going on.

"Because of the complexity of applications, once we've deployed [them] we don't want to touch them. As a result the entire organisation becomes incompliant, or worse, insecure."

Tom Corn, the company's senior VP of security products, added: "We live in a hyper-connected world and in this world the perimeters are too porous, the attack surface is simply too wide."

Advertisement - Article continues below
Advertisement - Article continues below

The challenge, VMware believes, is not in securing individual apps but in encrypting data as it moves across the network between applications.

This is exactly what NSX 6.2 allows IT to do, said Casado, turning encryption from being endpoint-focused to being an "infinite service" that covers the entire network infrastructure.

"It accumulates all the pieces together so that you can configure and troubleshoot the application as a whole," he said.

This means customers can set the security policy for every instance of an app at once, rather than having to tackle each instance of the app on the network.

With NSX, shifting apps from one cloud network to another means their specific security policies shift across, too.

A total 100 customers are already using NSX 6.2 in production, according to VMware, while US broadcaster Tribune Media used the product alongside a VMware hypervisor to deploy 140 apps over five months, getting only nine help desk calls overall.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now



K2View innovates in data management with new encryption patent

28 May 2020
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020
data protection

NHS yet to understand risks of holding Test and Trace data for 20 years

29 May 2020