back to article VMware's security product to emerge in Q3 as 'App Defence'

VMware's long-expected security product will emerge in Q3 under the name “App Defence”, according to senior veep and GM for networking security Jeff Jennings. Virtzilla has pondered a security play since at least 2013 when NSX Daddy Martin Casado and RSA people started talking about how their respective disciplines - security …

  1. CheesyTheClown

    Kudos!!! And WTF!?!?!

    I'm a huge fan of advances like this. But this is something I've been doing for years with other systems like ACI and Hyper-V. I know this has it's own little competitive advantage, but it's basically same stuff as the other guys a few years late.

    So, if there's actually a focus on this... why isn't VMware working with their Linux and Windows drivers to dig deeper into the system and provide mechanisms through the standardized firewall APIs on those hosts to provide meaningful feedback at an app level to the SDN solution. I mean... really... come on now. I want a method for my web server to say "Drupal needs to update on port X" and then have a policy system which decides whether the Drupal update app should have access or not.

    Hasn't anyone told VMware that we've moved on from virtual machines in the software defined datacenter. We're working on containers and containers automation doesn't stop just because you've installed it. Containers request resources from the host and policies on the host grant or deny access to those resources.

    Also, VMware and Cisco need to learn that we don't want to do software defined using another stinking controller. We want to define networking from the software. Installers and automation systems are not software, they're installation scripts. If you want an example of what software defined is, notice when a program on Windows asks for access to the network and Windows asks when you'd like to grant that access... and it's not asking for port numbers... it's asking whether that program can have certain access to certain resources. That panel should pop up on the security/network admin's telephone instead and when he/she clicks ok, it should install policies in Windows, NSX, the IPS and the firewall all in one go.

    So, really VMware kudos for catching up with 2012. It's really quite cute. But can you please start working on software defined networking?

    1. Anonymous Coward
      Anonymous Coward

      Re: Kudos!!! And WTF!?!?!

      "That panel should pop up on the security/network admin's telephone instead and when he/she clicks ok, it should install policies in Windows, NSX, the IPS and the firewall all in one go."

      I always thought of SDN as box drop-in, then auto configure from a centralised console (i.e. which VLANs and Route etc) - But I quite like your vision :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like