SECUREFEVER

View Original

VMware & Cloud Workload Protection

Hey everyone!

After the announcement and additional sessions at VMworld in september, VMware Carbon Black (The Security Business Unit at VMware) launched their Workload Security offering(s) last week. This is the next strategic step by VMware within their “Intrinsic Security” vision and strategy.

Cloud Workload Security or Cloud Workload Protection aka CWS/CWP/CWPP (2nd P for Platform) as an title is not really something “new” within the security market. When you look at the enterprise security landscape and some of the well-known security vendors, you will easily find out that CWP is the successor of legacy Server Security products and suites. In times of Physical, Virtual, Container, Serverless systems (or just Workloads) and equal components within most common data center and infrastructure environments it’s 1 of the most important topics Security Teams needs to address just right now to secure their IP.

When I was starting to write this blog post I thought about it how deep I should/I need to describe this specific topic in a fairly amount of time without getting too deep easily. But then, I found a blog post from the Carbon Black Team which describes most of my own ideas I wanted to share in a very good way. You may also found out already that I was stealing their article name somehow but it’s the perfect match for it! So, If you are new to all this or just want to refresh your knowledge, please take a look on this blog post by the Carbon Black folks, here -> Defining Cloud Workload Protection

Ok, I hope you’ve enjoyed reading the article, I’ve mentioned before! :)
Now, I think we’re good to go now to diggin’ deep and check out some details around this product launch!

The Cloud Workload Protection (CWP) module & adds new functionalities like Vulnerability Assessment, increased Data Center visibility and an “Agentless” approach to the VMware Carbon Black’s cloud-native Endpoint Security Platform called Carbon Black Cloud (CBC). Which already offers several security components around NGAV, EDR, Audit & Remediation features, using newest anti-malware methods like Real-Time Queries, Machine Learning, AI, Cloud Reputation, Data Enrichment and more against malware, advanced attacks and upcoming threats.

New features added by CWP within the Carbon Black Cloud Management console

Carbon Black Cloud Workload itself is a data center security product that protects your workloads running in a virtualized environment. It ensures that security is intrinsic to the virtualization environment by providing a built-in protection for virtual machines. After enabling the Carbon Black functionality in vCenter Server, you can view the inventory protected by Carbon Black Cloud Workload and view the inventory and risk assessment dashboard provided by Carbon Black Cloud Workload Plug-in.

You can now easily monitor and protect the data center workloads from the Carbon Black Cloud console. The Carbon Black Cloud Workload Plug-in provides deep visibility into your data center inventory and end-to-end life-cycle management for the components.

Carbon Black Cloud Workload consists of a few key components that interact with each other.

You must first deploy an on-premises OVF/OVA template for the Carbon Black Cloud Workload appliance that connects the Carbon Black Cloud to the vCenter Server through a registration process. After the registration is complete, the Carbon Black Cloud Workload appliance deploys the Carbon Black Cloud Workload Plug-in and collects the inventory from the vCenter Server. The collected inventory data is displayed on the plug-in Inventory tab and is also communicated to the Carbon Black Cloud console.

So far, so good. Let’s do some quick check now, on the available information & ressources! Here is a short overview:

the good thing:
All VMware vSphere customers have access to an extended trial version of VMware Carbon Black Cloud Workload Essentials. You can sign up for it HERE.
Check out the datasheet to get some details about it HERE. There is also a video available HERE: Introduction to VMware Carbon Black Cloud Workload (direct video link)

the not so good thing:
you need to be very quick to sign up for the free and extended Trail phase ;)
Some copy / paste content from the Trial FAQ (see full details at the link below) to light up the darkness:

"...

  • What is the deadline for sign up for the free trial? December 1, 2020.

  • After I sign up, how soon will I get access to the Workload Trial? The Workload Product Trial will be available November 2020. Eligible participants will receive email communications to let them know when the product is launched and how to download.

  • How long does the free trial last? The trial will be available through April 30, 2021.

..."

There are tons of information available already, but I was searching for the (hopefully) most useful content, which can be found below:

Additional Content & Details:

Technical Details:


Enough said! Now it’s time to try it out! :)