In an era of unrelenting cyber threats, enterprises face increasing pressure to protect their applications and data while ensuring optimal performance and scalability. IT teams are under pressure to deliver services, resolve application issues quickly, provision new applications, and lower cost of services.
To help IT and security teams better protect against cyber attacks and enhance their workload performance, Broadcom is unveiling new enhancements and capabilities to VMware vDefend and VMware Avi Load Balancer at VMware Explore 2024 Las Vegas. These innovations are set to revolutionize how organizations protect east-west traffic and automate load balancing in their cloud environments.
VMware vDefend: Elevating Enterprise Lateral Threat Defense for the GenAI Era
Security teams today are grappling with an escalating volume of sophisticated threats, exacerbated by the rise of generative AI (GenAI) and large language models (LLMs). Traditional approaches that focus on protecting only critical assets while leaving other workloads vulnerable are no longer sufficient. To meet this challenge, enterprises must adopt multi-layered lateral security strategies that emphasize zero trust and strict adherence to the principle of least privilege. They need a comprehensive solution that offers visibility, segmentation, and threat defense while remaining easy to deploy and operate.
Today we are further strengthening the VMware vDefend portfolio to enhance threat detection, prevention, and overall security operational effectiveness for east-west traffic for the VCF private cloud. These capabilities include:
- Project Cypress for vDefend: With a generative AI-driven co-Pilot within vDefend, organizations can accelerate alert triage and remediation. Security analysts can interact with vDefend through a natural language interface, eliminate false positives, and reduce alert volumes, to enhance threat assessment and response times.
- VMware Cloud Foundation 9 Integrations: With VMware Cloud Foundation (VCF) Import, organizations can simplify the existing security configurations into VCF 9. Native VMware Private Cloud (VPC) integration enables teams to integrate security workflows with VPC functionality, enabling firewall administrators to define and delegate security policies for self-service operations.
- Firewall Rule Analysis: New enhancements to vDefend’s analytic capabilities allow users to rapidly identify and eliminate rules that do not improve security effectiveness. Dynamic policy analysis allows organizations to reduce their attack surface by weeding out overly permissive rules, ineffective rules, and redundant rules.
- File-based and File-less Malware Prevention: VMware vDefend now offers on-premises malware analysis capabilities, for organizations in highly regulated industries, ensuring compliance with data sovereignty and residency requirements.
- IDS/IPS Support for Highly Dense or Distributed VCF Deployments: Enhancements to the Intrusion Detection and Prevention System (IDS/IPS) capabilities provide consistent threat prevention across dense VCF deployments, improving performance and simplifying operations. The result is a 2x to 3x performance boost along with stronger east-west traffic protection.
- Rapid Threat Assessment for East-West Traffic: Using the VMware hypervisor as a threat sensor, vDefend enables rapid east-west threat assessment without the need for additional tools.
VMware Avi Load Balancer: Enhancing Performance and Future-Proofing Kubernetes
In addition, VMware unveiled a suite of new innovations for Avi Load Balancer designed to optimize load balancing for VCF and Kubernetes environments, with a focus on automation, resilience, and AI-driven operations. Key enhancements include:
- Integration with Tanzu Application Service (TAS): Avi is the load balancer of choice for TAS, offering end-to-end automation, application analytics, and enterprise-grade features at scale. This integration significantly reduces deployment times, from weeks to minutes, and provides unmatched per-application insights from layer 4 to layer 7 — insights that have never been attained before with other load balancers.
- Enhanced Gateway API Support for Kubernetes: Avi’s support for the Gateway API ensures that Kubernetes-based applications are future-proofed with advanced traffic routing capabilities, including header-based matching, traffic weighting, and canary deployments for CI/CD pipelines.
- Planned Integrations with VMware Cloud Foundation 9: Avi supports VCF Import for the upcoming VCF 9, for a unified experience with new and existing workload domains. In addition, planned support includes native virtual private cloud deployment, VCF multi-tenancy support to enable self-management on a per tenant basis, and multi-availability zone support to improve resilience.
- GenAI Co-Pilot for Analytics and Operations: Avi plans to leverage GenAI to enable a co-pilot for app visibility, streamlining both Day 1 and Day 2 load balancing operations for VCF workloads. This includes AI-driven recommendations for product documentation, configuration guides, and best practices.
- Next-gen scale and performance: Avi’s support for Intel QAT, organizations can benefit from a 3X+ secure sockets layer (SSL) performance increase. Additionally, Avi plans to increase scale by 1.5X—5X to support continued application scaling.
Join us at VMware Explore 2024 in Las Vegas to learn more.
If you plan to attend VMware Explore 2024 either in person in Las Vegas or virtually, we encourage you to join the following sessions to learn more:
- [ANSP2267LV] Innovations in Ransomware Prevention and Cloud-Speed Application Delivery with VMware vDefend and VMware Avi Load Balancer
- [ANSB1976LV]The Conman of the Digital Era — Ransomware
- [ANSB2240LV] Security Reference Design for VMware Cloud Foundation
- [ANSB2084LV]Bootstrapping Segmentation and Zero Trust in Your VMware Cloud Foundation Private Cloud
- [INVB1702LV] GenAI-Powered Insights in Avi LB: A Journey into Next-Gen Observability
- [ANSB1834LV] Securing Ingress and Gateway API with Avi Load Balancer for Any Kubernetes