VMware NSX 3.2 Delivers New, Advanced Security Capabilities

VMware NSX 3.2
It’s an impactful release focused on significant NSX Security enhancements
Putting a hard shell around a soft core is not a recipe for success in security, but somehow legacy security architectures for application protection have often looked exactly like that: a hard perimeter firewall layer for an application infrastructure that was fundamentally not built with security as a primary concern. VMware NSX Distributed Firewall pioneered the micro-segmentation concept for granular access controls for cloud applications with the initial launch of the product in 2013. The promise of Zero Trust security for applications, the simplicity of deployment of the solution, and the ease of achieving internal security objectives made NSX an instant success for security-sensitive customers.

Our newest release — NSX-T 3.2 — establishes a new marker for securing application infrastructure by introducing significant new features to identify and respond to malware and ransomware attacks in the network, to enhance user identification and L7 application identification capabilities, and, at the same time, to simplify deployment of the product for our customers.

Modern day security teams need to secure mission-critical infrastructure from both external and internal attacks. By providing unprecedented threat visibility leveraging IDS, NTA, and Network Detection and Response (NDR) capabilities along with granular controls leveraging L4-L7 Firewall, IPS, and Malware Prevention capabilities, NSX 3.2 delivers an incredible security solution for our customers“ 

Umesh Mahajan, SVP, GM (Networking and Security Business Unit)


Distributed Advanced Threat Prevention (ATP)

Attackers often use multiple sophisticated techniques to penetrate the network, move laterally within the network in a stealthy manner, and exfiltrate critical data at an appropriate time. Micro-segmentation solutions focused solely on access control can reduce the attack surface — but cannot provide the detection and prevention technologies needed to thwart modern attacks. NSX-T 3.2 introduces several new capabilities focused on detection and prevention of attacks inside the network. Of critical note is that these advanced security solutions do not need network taps, separate monitoring networks, or agents inside each and every workload.

Distributed Malware Prevention

Lastline’s highly reputed dynamic malware technology is now integrated with NSX Distributed Firewall to deliver an industry-first Distributed Malware Prevention solution. Leveraging the integration with Lastline, a Distributed Firewall embedded within the hypervisor kernel can now identify both “known malicious” as well as “zero day” malware


Distributed Behavioral IDS

Whereas earlier versions of NSX Distributed IDPS (Intrusion Detection and Prevention System) delivered primarily signature-based detection of intrusions, NSX 3.2 introduces “behavioral” intrusion detection capabilities as well. Even if specific IDS signatures are not triggered, this capability helps customers know whether a workload is seeing any behavioral anomalies, like DNS tunneling or beaconing, for example, that could be a cause for concern.

Network Traffic Analysis (NTA)

For customers interested in baselining network-wide behavior and identifying anomalous behavior at the aggregated network level, NSX-T 3.2 introduces Distributed Network Traffic Analysis (NTA). Network-wide anomalies like lateral movement, suspicious RDP traffic, and malicious interactions with the Active Directory server, for example, can alert security teams about attacks underway and help them take quick remediation actions.

Network Detection and Response (NDR)

Alert overload, and resulting fatigue, is a real challenge among security teams. Leveraging advanced AI/ML techniques, the NSX-T 3.2 Network Detection and Response solution consolidates security IOCs from different detection systems like IDS, NTA, malware detection. etc., to provide a ”campaign view” that shows specific attacks in play at that point in time. MITRE ATT&CK visualization helps customers see the specific stage in the kill chain of individual attacks, and the ”time sequence” view helps understand the sequence of events that contributed to the attack on the network.

Key Firewall Enhancements

While delivering new Advanced Threat Prevention capabilities is one key emphasis for the NSX-T 3.2 release, providing meaningful enhancements for core firewalling capabilities is an equally critical area of innovation.

Distributed Firewall for VDS Switchports

While NSX-T has thus far supported workloads connected to both overlay-based N-VDS switchports as well as VLAN-based switchports, customers had to move the VLAN switchports from VDS to N-VDS before a Distributed Firewall could be enforced. With NSX-T 3.2, native VLAN DVPGs are supported as-is, without having to move to N-VDS. Effectively, Distributed Security can be achieved in a completely seamless manner without having to modify any networking constructs.

Distributed Firewall workflows in vCenter

With NSX-T 3.2, we are introducing the ability to create and modify Distributed Firewall rules natively within vCenter. For small- to medium-sized VMware customers, this feature simplifies the user experience by eliminating the need to leverage a separate NSX Manager interface.

Advanced User Identification for Distributed and Gateway Firewalls

NSX supported user identity-based access control in earlier releases. With NSX-T 3.2, we’re introducing the ability to directly connect to Microsoft Active Directory to support user identity mapping. In addition, for customers who do not use Active Directory for user authentication, NSX also supports VMware vRealize LogInsight as an additional method to carry out user identity mapping. This feature enhancement is applicable for both NSX Distributed Firewall as well as NSX Gateway Firewall.

Enhanced L7 Application Identification for Distributed and Gateway Firewalls

NSX supported Layer-7 application identification-based access control in earlier releases. With NSX-T 3.2, we are enhancing the signature set to about 750 applications. While several perimeter firewall vendors claim a larger set of Layer-7 application signatures, they focus mostly on internet application identification (like Facebook, for example). Our focus with NSX at this time is on internal applications hosted by enterprises. This feature enhancement is applicable for both NSX Distributed Firewall as well as Gateway Firewalls.

NSX Intelligence

NSX Intelligence is geared towards delivering unprecedented visibility for all application traffic inside the network and enabling customers to create micro-segmentation policies to reduce the attack surface. It has a processing pipeline that de-dups, aggregates, and correlates East-West traffic to deliver in-depth visibility.

Scalability enhancements for NSX Intelligence

As application infrastructure grows rapidly, it is vital that one’s security analytics platform can grow with it. With the new release, we have rearchitected the application platform upon which NSX Intelligence runs — moving from a stand-alone appliance to a containerized micro-service architecture powered by Kubernetes. This architectural change future-proofs the Intelligence data lake and allows us to eventually scale out our solution to n-node Kubernetes clusters.

Large Enterprise customers that need visibility for application traffic can confidently deploy NSX Intelligence and leverage the enhanced scale it supports.

NSX Gateway Firewall

While NSX Distributed Firewall focuses on east-west controls within the network, NSX Gateway Firewall is used for securing ingress and egress traffic into and out of a zone.

Gateway Firewall Malware Detection

NSX Gateway Firewall in the 3.2 release received significant Advanced Threat Detection capabilities. Gateway Firewall can now identify both known as well as zero-day malware ingressing or egressing the network. This new capability is based on the Gateway Firewall integration with Lastline’s highly reputed dynamic network sandbox technology.

Gateway Firewall URL Filtering

Internal users and applications reaching out to malicious websites is a huge security risk that must be addressed. In addition, enterprises need to limit internet access to comply with corporate internet usage policies. NSX Gateway Firewall in 3.2 introduces the capability to restrict access to internet sites. Access can be limited based on either the category the URL belongs to, or the “reputation” of the URL. The URL to category and reputation mapping is constantly updated by VMware so customer intent is enforced automatically even after many changes in the internet sites themselves.

Spotlight

Synapse Wireless, Inc

Synapse Wireless specializes in providing software, hardware, and networking solutions to develop, deploy, and manage the "Things" in IoT. We enable corporations, product companies, and business partners to make their products smarter and to manage products wirelessly.

OTHER ARTICLES
VMware, Vsphere, Hyper-V

Researchers Explore Details of Critical VMware Vulnerability

Article | May 2, 2023

Researchers have published the details of an investigation into CVE-2020-3952, a major vulnerability in VMware's vCenter that was disclosed and patched on April 9. The flaw was given a CVSS score of 10. CVE-2020-3952 exists in VMware's Directory Service (vmdir), which is a part of VMware vCenter Server, a centralized management platform for virtualized hosts and virtual machines. Through vCenter Server, the company says, an administrator can manage hundreds of workloads. The platform uses single sign-on (SSO), which includes vmdir, Security Token Service, an administration server, and the vCenter Lookup Service. Vmdir is also used for certificate management for the workloads vCenter handles.

Read More
VMware

Top 15 Virtualization Events to Attend in 2023

Article | December 14, 2021

Virtualization has become integral to modern computing, enabling organizations to optimize their resources and increase efficiency. Following are the upcoming events taking place in France, China, USA, Netherlands, and Germany, from April 2023 to December 2023. Let's take a closer look at each of these events and know what attendees can expect to gain from them. The following events will provide insight into the growing impact of virtualization on upcoming as well as established organizations. The renowned speakers in the following events will give economic value to the concept of virtualization and how it can transform business operations. By attending these events, participants will gain a deeper understanding of the latest trends, technologies, and strategies in virtualization, as well as the potential benefits and challenges associated with its implementation. 1. 18th Workshop on Virtualization in High-Performance Cloud Computing May 25, 2023 | Hamburg (Germany) The VHPC workshop at the International Supercomputing Conference - High Performance 2023 invites researchers and industrial practitioners to submit original and high-quality papers on virtualization in HPC, containers, virtualization, and cloud computing. The workshop will cover a broad range of topics related to virtualization, including virtualization for scientific computing and big data analytics, virtualization for high-performance computing and data centers, and virtualization for edge, fog computing, and more. The workshop will provide a forum for researchers to present their latest research findings, share ideas, and collaborate on new research directions. 2. VMware Explore 2023 August 5-10, 2023 | Nevada (USA) The VMware Explore 2023 conference is a specialized event focusing on virtualization and cloud computing technologies for data centers and virtual workspace infrastructure. It will cover topics on cloud & edge infrastructure, networking & security, modern applications & cloud management, hybrid workforce, vision & innovation. VMware Explore 2023 will host a community of technology users and leaders involved in enterprise applications, cloud architecture, infrastructure, end users, networking, and security. 3. Data Center World May 8 - 11, 2023 | Texas (USA) This is the only global event that brings together the entire data center industry, making it the go-to resource for anybody looking to optimize their data center strategy. Data Center World is the premier event for digital infrastructure, that will cater to the needs of data center managers, IT executives, and the pioneers who will shape the future of the digital sector. The technologies and concepts for designing, managing, and optimizing data centers will be presented at the event, along with expert advice and guidance. 4. The Fourteenth International Conference on Cloud Computing, GRIDs, and Virtualization June 26 - 30, 2023 | Saint-Laurent-du-Var (France) The Fourteenth International Conference on Cloud Computing, GRIDs, and Virtualization is an upcoming conference that will provide a forum for researchers and practitioners to present and discuss the latest research, trends & practical applications in cloud computing, grids, and virtualization. The conference will cover various topics related to these fields, including cloud security and privacy, cloud storage, cloud economics, and more. The conference will provide a platform for attendees to discuss emerging trends, challenges, and opportunities in these fields, as well as present their research findings and insights. 5. Knowledge 2023 May 16 - 18, 2023 | Las Vegas (United States) The event is organized by ServiceNow, which provides cloud-based IT service management, IT operations management, and IT business management solutions. Chairman and Chief Executive Officer Bill McDermott will deliver the opening keynote address. The event will include a wide range of sessions: Hands-on Labs, Presentations from Experts, Art of the Possible HackZone Demo, Annual Hackathon, Community Meetups, challenges, and more. Attendees will be able to connect with visionaries worldwide and gain new ServiceNow skills and fresh insights into the power of digital transformation. 6. 2023 5TH INTERNATIONAL CONFERENCE ON HARDWARE SECURITY AND TRUST (ICHST 2023) July 8 - 10, 2023 | Wuxi (China) The 5th International Conference on Hardware Security and Trust (ICHST 2023) will serve as a workshop for ICSIP 2023 and is sponsored by Southeast University, China, with co-sponsorship from Southeast University Wuxi Campus and the School of Cyber Science and Engineering. ICHST is an annual symposium that will seek to promote the rapid growth of hardware-based security research and development. It will focus on presenting new findings in hardware and system security, covering topics such as secure hardware techniques, tools, design and test methods, architectures, circuits, and applications. 7. .NEXT May 9 - 10, 2023 | Chicago (USA) .NEXT conference is a series of annual events organized by Nutanix, a cloud computing and hyper-converged infrastructure company. It will cover fascinating insights about new work, global supply chains, utopian visions, the metaverse and Web3, smart technology, intelligence, and many more. The conference will typically feature keynote presentations, technical sessions, and hands-on labs focused on cloud computing, data center infrastructure, and digital transformation. Attendees will also be able to experience test-drive demos. 8. Wan Summit: Enterprise Networks Chicago September 28, 2023 | Chicago (USA) Connectivity infrastructure is the main topic of discussion at WAN Summit, an invitation-only conference for network and engineering professionals shaping the future of the workplace. In order to help businesses, provide a better experience for their customers, the WAN Summit will discuss the issues that persist in the networking department. The event will have sessions as network manager focus, enterprise case studies, exhibition and networking drinks reception, and so on. 9. Black Hat USA August 5 -10, 2023 | Nevada (USA) This year marks the 26th annual Black Hat USA conference, which will be held at the Mandalay Bay Convention Center in Las Vegas. Attendees of all experience levels can participate in four days of intensive cybersecurity training. More than a hundred carefully-chosen briefings, hundreds of open-source tool demonstrations in Arsenal, a robust business hall, networking and social events, and much more will fill the two days of the main conference. This year, Black Hat will also debut a live, in-person Certification program that will last for a whole day. 10. Gartner IT Symposium | Xpo October 16 -19, 2023 | Orlando (USA) The strategic concerns of enterprise CIOs and their executive teams are the focus of the Gartner IT Symposium/Xpo. At the Gartner IT Symposium, a worldwide network of experts and peers will talk about game-changing innovations. Chief Information Officers and other IT executives will discuss the latest developments in the fields of accelerating business transformation, cybersecurity, artificial intelligence, customer experience, data analytics, executive leadership, and many other topics that will shape the future of IT and business. 11. Container Days September 11 -13, 2023 | Hamburg (Germany) An amazing learning experience on Kubernetes, Cloud Native, Container Security, DevOps, GitOps, Edge Computing, and more is available at CDS, where the CDS family increases yearly. Global tycoons will gather in person and online to share insights, make connections, and do business. Opportunities to meet like-minded people and open discussion forums are favorites among open-source and cloud-native project fans. More in-depth technical presentations and engaging panel discussions will be live across five stages this year. 12. Big Data Expo September 12 - 13, 2023 | Utrecht (Netherlands) Supply and demand in the big data industry are finally brought together at Big Data Expo. This is the only conference in the Benelux region covering every data management facet. Exhibitors are prioritized who regularly engage in data aggregation, generation, analysis, optimization, and application across a variety of scales and contexts. The two-day conference will cover various topics, from cloud computing and data visualization to data security and machine learning/artificial intelligence. If you're interested in data, the Big Data Expo is the place to be. 13. Red Hat Summit May 23 - 25, 2023 | Massachusetts (USA) The seminars, workshops, demos, laboratories, and training opportunities at Red Hat Summit 2023 in Boston (Massachusetts), will be invaluable to the individuals and their teams. In addition, this year's event will be held in conjunction with AnsibleFest, adding automation to the diverse mix of offerings that are used to address a world of IT challenges, in addition to keynotes, customer and partner stories, topics, and tracks designed to help you make the most of hybrid cloud technology. Participants will be able to watch or rewatch major announcements and view dozens of new sessions and recorded sessions from Boston—at no cost to you. 14. TechNet Cyber 2023 May 2 -4, 2023 | Baltimore convention center, Maryland (USA) TechNet Cyber is the best chance to showcase products & services to the nation's top network security, operations, and defense decision-makers. The U.S. Defense Information Systems Agency is always on the lookout for fresh concepts to help standardize and streamline cyber operations throughout the Department of Defense and the armed forces' various components. To tackle global security concerns and successfully function in a digital world, AFCEA's TechNet Cyber acts as a focal point for a government-wide effort to consolidate the policy, strategic architecture, operations, and C2, as well as the combined capabilities necessary to do so. 15. IEEE International Conference On Smart Information Systems and Technologies May 4 - 6, 2023 | Scientific Society (Kazakhstan) The 2023 IEEE SIST International Conference, technically co-sponsored by the IEEE Ukraine Section, is an essential event in the scientific society of Kazakhstan. Professionals, researchers, scientists, specialists, and students from a unique opportunity for participants to expand their knowledge and various areas of the IT industry from around the globe will attend this conference. The conference will offer perspectives on specific topics, and contribute to finding solutions to current IT trends. Additionally, the conference will be covering several research areas, including technology and engineering management, governance, finance, economy, and more. Conclusion The events will help organizations capitalize on the opportunities presented by virtualization and remain ahead of the curve in today's rapidly evolving digital landscape. The purpose of the events is to facilitate collaboration, the exchange of knowledge, and the discussion of innovative solutions for virtualized computing systems of the future.

Read More
Virtual Desktop Tools

VMware Tanzu Kubernetes Grid Integrated: A Year in Review

Article | August 12, 2022

The modern application world is advancing at an unprecedented rate. However, the new possibilities these transformations make available don’t come without complexities. IT teams often find themselves under pressure to keep up with the speed of innovation. That’s why VMware provides a production-ready container platform for customers that aligns to upstream Kubernetes, VMware Tanzu Kubernetes Grid Integrated (formerly known as VMware Enterprise PKS). By working with VMware, customers can move at the speed their businesses demand without the headache of trying to run their operations alone. Our offerings help customers stay current with the open source community's innovations while having access to the support they need to move forward confidently. Many changes have been made to Tanzu Kubernetes Grid Integrated edition over the past year that are designed to help customers keep up with Kubernetes advancements, move faster, and enhance security. Kubernetes updates The latest version, Tanzu Kubernetes Grid Integrated 1.13, bumped to Kubernetes version 1.22 and removed beta APIs in favor of stable APIs that have since evolved from the betas. Over time, some APIs will evolve. Beta APIs typically evolve more often than stable APIs and should therefore be checked before updates occur. The APIs listed below will not be served with v1.22 as they have been replaced by more stable API versions: Beta versions of the ValidatingWebhookConfiguration and MutatingWebhookConfiguration API (the admissionregistration.k8s.io/v1beta1 API versions) The beta CustomResourceDefinition API (apiextensions.k8s.io/v1beta1) The beta APIService API (apiregistration.k8s.io/v1beta1) The beta TokenReview API (authentication.k8s.io/v1beta1) Beta API versions of SubjectAccessReview, LocalSubjectAccessReview, SelfSubjectAccessReview (API versions from authorization.k8s.io/v1beta1) The beta CertificateSigningRequest API (certificates.k8s.io/v1beta1) The beta Lease API (coordination.k8s.io/v1beta1) All beta Ingress APIs (the extensions/v1beta1 and networking.k8s.io/v1beta1 API versions) Containerd support Tanzu Kubernetes Grid Integrated helps customers eliminate lengthy deployment and management processes with on-demand provisioning, scaling, patching, and updating of Kubernetes clusters. To stay in alignment with the Kubernetes community, Containerd will be used as the default container runtime, although Docker can still be selected using the command-line interface (CLI) if needed. Networking Several updates have been made in regards to networking as well including support of Antrea and NSX-T enhancements. Antrea support With Tanzu Kubernetes Grid Integrated version 1.10 and later, customers can leverage Antrea on install or upgrade to use Kubernetes network policies. This enables enterprises to get the best of both worlds: access to the latest innovation from Antrea and world-class support from VMware. NSX-T enhancements NSX-T was integrated with Tanzu Kubernetes Grid Integrated to simplify container networking and increase security. This has been enhanced so customers can now choose the policy API as an option on a fresh installation of Tanzu Kubernetes Grid Integrated. This means that users will have access to new features available only through NSX-T policy API. This feature is currently in beta. In addition, more NSX-T and NSX Container Plug-in (NCP) configuration is possible through the network profiles. This operator command provides the benefit of being able to set configurations through the CLI, and this is persistent across lifecycle events. Storage enhancements We’ve made storage operations in our customers’ container native environments easier, too. Customers were seeking a simpler and more secure way to manage Container Storage Interface (CSI), and we introduced automatic installation of the vSphere CSI driver as a BOSH process beginning with Tanzu Kubernetes Grid Integrated 1.11. Also, as VCP will be deprecated, customers are advised to use the CSI driver. VCP-to-CSI migration is a part of Tanzu Kubernetes Grid Integrated 1.12 and is designed to help customers move forward faster. Enhanced security Implementing new technologies provides users with new capabilities, but it can also lead to new security vulnerabilities if not done correctly. VMware’s goal is to help customers move forward with ease and the confidence of knowing that enhancements don’t compromise core security needs. CIS benchmarks This year, Tanzu Kubernetes Grid Integrated continued to see improvements that help meet today’s high security standards. Meeting the Center for Internet Security (CIS) benchmarks standards is vital for Tanzu Kubernetes Grid Integrated. In recent Tanzu Kubernetes Grid Integrated releases, a few Kubernetes-related settings have been adjusted to ensure compliance with CIS requirements: Kube-apiserver with --kubelet-certificate-authority settings (v1.12) Kube-apiserver with --authorization-mode argument includes Node (v1.12) Kube-apiserver with proper --audit-log-maxage argument (v1.13) Kube-apiserver with proper --audit-log-maxbackup argument (v1.13) Kube-apiserver with proper --audit-log-maxsize argument (v1.13) Certificate rotations Tanzu Kubernetes Grid Integrated secures all communication between its control plane components and the Kubernetes clusters it manages, using TLS validated by certificates. The certificate rotations have been simplified in recent releases. Customers can now list and simply update certificates on a cluster-by-cluster basis through the “tkgi rotate-certificates” command. The multistep, manual process was replaced with a single CLI command to rotate NSX-T certificates (available since Tanzu Kubernetes Grid Integrated 1.10) and cluster-by-cluster certificates (available since Tanzu Kubernetes Grid Integrated 1.12). Hardening of images Tanzu Kubernetes Grid Integrated keeps OS images, container base images, and software library versions updated to remediate the CVEs reported by customers and in the industry. It also continues to use the latest Ubuntu Xenial Stemcell latest versions for node virtual machines. With recent releases and patch versions, the version of dockerd, containerd, runc, telegraf, nfs-utils had been bumped to the latest stable and secure versions as well. By using Harbor as a private registry management service, customers could also leverage the built-in vulnerability scan features to discover the application images CVEs. VMware is dedicated to supporting customers with production readiness by enhancing the user experience. Tanzu Kubernetes Grid Integrated Edition has stayed up to date with the Kubernetes community and provides customers with the support and resources they need to innovate rapidly.

Read More

How virtualization helped Dell make a pandemic pivot

Article | April 14, 2021

Danny Cobb, fellow and vice president of engineering for Dell Technologies’ telco systems business, remembers his company cruising into early 2020: Kicking off a new fiscal year with its operating plan in place, supply chain nailed down and factories humming; people coming into the office each day to the usual routine of looking for parking spots and taking laptops down to the cafeteria. Then came March, and the first wave of the Covid-19 pandemic hit U.S. shores. In the course of one weekend, Dell pivoted to having more than 90% of its workforce working from home. That meant a dramatic shift in its network needs and operations – one that was only able to be accomplished so quickly because of virtualized infrastructure.

Read More

Spotlight

Synapse Wireless, Inc

Synapse Wireless specializes in providing software, hardware, and networking solutions to develop, deploy, and manage the "Things" in IoT. We enable corporations, product companies, and business partners to make their products smarter and to manage products wirelessly.

Related News

Virtual Desktop Tools, Virtual Desktop Strategies

Leostream Enhances Security and Management of vSphere Hybrid Cloud Deployments

Business Wire | January 29, 2024

Leostream Corporation, the world's leading Remote Desktop Access Platform provider, today announced features to enhance security, management, and end-user productivity in vSphere-based hybrid cloud environments. The Leostream platform strengthens end-user computing (EUC) capabilities for vSphere users, including secure access to both on-premises and cloud environments, heterogeneous support, and reduced cloud costs. With the Leostream platform as the single pane of glass managing EUC environments, any hosted desktop environment, including individual virtual desktops, multi-user sessions, hosted physical workstations or desktops, and hosted applications, becomes simpler to manage, more secure, more flexible, and more cost-effective. Significant ways the Leostream platform expands vSphere’s capabilities include: Security The Leostream platform ensures data remains locked in the corporate network, and works across on-premises and cloud environments, providing even disparate infrastructures with the same levels of security and command over authorization, control, and access tracking. The Leostream platform supports multi-factor authentication and allows organizations to enforce strict access control rules, creating an EUC environment modeled on a zero-trust architecture. Multivendor/protocol support The Leostream platform was developed from the ground up for heterogeneous infrastructures and as the connection management layer of the EUC environment, the Leostream platform allows organizations to leverage vSphere today and other hypervisors or hyperconvergence platforms in the future as their needs evolve. The Leostream platform supports the industry’s broadest array of remote display protocols, including specialized protocols for mission-critical tasks. Consistent EUC experience The Leostream platform enables IT to make changes to the underlying environment while ensuring the end user experience is constant, and to incorporate AWS, Azure, Google Cloud, or OpenStack private clouds into their environment without disruptions in end-user productivity. By integrating with corporate Identity Providers (IdPs) that employees are already familiar with, and providing employees with a single portal they use to sign in, the Leostream platform offers simplicity to users too. Connectivity The Leostream Gateway securely connects to on-prem and cloud resources without virtual private networks (VPNs), and eliminates the need to manage and maintain security groups. End users get the same seamless login and high-performance connection across hybrid environments including corporate resources located off the internet. Controlling cloud costs The Leostream Connection Broker implements automated rules that control capacity and power state in the cloud, allowing organizations to optimize their cloud usage and minimize costs, such as ensuring cloud instances aren’t left running when they are no longer needed. The Connection Broker also intelligently pools and shares resources across groups of users, so organizations can invest in fewer systems, reducing overall cost of ownership. “These features deliver a streamlined experience with vSphere and hybrid or multi-cloud resources so end users remain productive, and corporate data and applications remain secure,” said Leostream CEO Karen Gondoly. “At a time when there is uncertainty about the future of support for VMware’s end-user computing, it’s important to bring these options to the market to show that organizations can extend vSphere’s capabilities and simultaneously plan for the future without disruption to the workforce.” About Leostream Corporation Leostream Corporation, the global leader in Remote Desktop Access Platforms, offers comprehensive solutions that enable seamless work-from-anywhere environments for individuals across diverse industries, regardless of organization size or location. The core of the Leostream platform is its commitment to simplicity and insight. It is driven by a unified administrative console that streamlines the management of users, cloud desktops, and IT assets while providing real-time dashboards for informed decision-making. The company continually monitors the evolving remote desktop landscape, anticipating future trends and challenges. This purposeful, proactive approach keeps clients well-prepared for the dynamic changes in remote desktop technology.

Read More

Virtualized Environments

Vuzix Introduces Z100 Smart Glasses to Seamlessly Connect Workers with AI Optimization Tools

PR Newswire | January 10, 2024

Vuzix Corporation, a leading supplier of smart glasses and augmented reality (AR) technology and products, today announced the unveiling of Vuzix Z100 smart glasses, which will initially be offered as a developer's edition. Built using the Vuzix Ultralite OEM PlatformSM, these safety glasses-certified smart glasses are sleek and made for all day wear. Using them, workers get a human-centered connection to AI and work process applications, receiving critical updates, convenient workflow and task confirmations, and notifications in real time, all while wearing a pair of glasses that workers will enjoy having on. Vuzix Z100 smart glasses pair seamlessly via Bluetooth with Android or iOS IOT devices. They represent the first attractive, functional bridge between AI platform tools, where situational guidance can streamline workflows, and human workers can reap the benefits of a truly connected workplace. In addition to a lightweight AI interface, Vuzix Z100 glasses can augment the data feed from finger scanners, sensors, controllers, and other equipment with minimal native UI, making that data available in a new and highly accessible format. Tasks with sub-standard user feedback due to device or process limitations can now have their workflows displayed in the user's heads up display, providing human-centered outputs and real-time updates. Running up to 48 hours on a single charge, Vuzix Z100 smart glasses pack industry-defining heads-up waveguide technology into a sleek, fashionable form factor that weighs in at just 35 grams – the weight of a standard pair of glasses. Advanced monocular waveguide optics, combined with Vuzix' custom micro display engine, create a crisp, transparent, monochrome image that can deliver all the important information on a user's Android or iOS device, hands-free right before their eyes. Wearers get heads-up access to important task information, from language translation and closed captioning, to directions, to health and workout status, to messaging, workflow outputs and much more. Best of all, Vuzix Z100 smart glasses provide a sleek, attractive form factor that frontline employees will want to wear. "The Z100 takes enterprise use of AR smart glasses to the next level, providing workers with a hands-free wearable that is indistinguishable from a pair a standard glasses," said Paul Travers, President and Chief Executive Officer at Vuzix. "This rollout is in overwhelming response to interest expressed by enterprise customers in an attractive and light weight pair of smart glasses that can augment current workflows with AI optimization software. There are customers across numerous market verticals and use cases that we believe will embrace this product as fashionable and affordable productivity device that workers will enjoy wearing all day every day." About Vuzix Corporation Vuzix is a leading designer, manufacturer and marketer of Smart Glasses and Augmented Reality (AR) technologies and products for the enterprise, medical, defense and consumer markets. The Company's products include head-mounted smart personal display and wearable computing devices that offer users a portable high-quality viewing experience, provide solutions for mobility, wearable displays and augmented reality, as well OEM waveguide optical components and display engines. Vuzix holds more than 350 patents and patents pending and numerous IP licenses in the fields of optics, head-mounted displays, and augmented reality Video Eyewear field. Moviynt, an SAP Certified ERP SaaS logistics solution provider, is a Vuzix wholly owned subsidiary. The Company has won Consumer Electronics Show (or CES) awards for innovation for the years 2005 to 2024 and several wireless technology innovation awards among others. Founded in 1997, Vuzix is a public company with offices in: Rochester, NY; Munich, Germany; and Kyoto and Tokyo, Japan.

Read More

Virtualized Environments

ARound and Immersal Team Up to Revolutionize Augmented Reality in Sports and Live Entertainment

PR Newswire | January 05, 2024

ARound, the pioneering shared augmented reality (AR) platform, part of Stagwell, is excited to announce a groundbreaking partnership with Immersal, leaders in spatial computing and AR localization technology, and part of Hexagon. By creating a turn-key WebAR solution for stadium AR, this partnership facilitates easier integration of shared AR experiences for teams, venues, and events, broadening the scope of interactive fan engagement. ARound and Immersal are poised to announce their inaugural collaboration with a major sports league next month, marking a significant milestone in bringing this innovative vision to life. This partnership combines ARound's connected, shared AR technology that has transformed live fan experiences for professional sports teams across three professional leagues – MLB, NBA, NFL – including the Minnesota Twins, Los Angeles Rams, Kansas City Royals, and the Cleveland Cavaliers, with Immersal's visual positioning system (VPS) that creates centimeter-accurate, large-scale indoor and outdoor AR experiences. "This partnership is a game-changer in the world of sports and live entertainment as we collaborate to make stadium AR experiences more accessible and ubiquitous to all fans and types of events," said Josh Beatty, founder and CEO, ARound. "By integrating our fan engagement platform with Immersal's robust localization technology, we can seamlessly create dynamic digital experiences that put fans at the center of the action while scaling to new audiences around the world." The integration of ARound and Immersal technologies yields greater access and broader use cases of AR experiences through WebAR, enhancing the overall quality and ease of integration for in-stadium entertainment. Fans can interact with live events in real-time, participating in AR games, accessing real-time game content, and enjoying shared experiences with fellow attendees, all from their smartphones without the need for a standalone app. Brands and sponsors will also now be able to connect with audiences in innovative, meaningful ways, enhancing their marketing mix and creating new avenues for engagement. "We're committed to innovating and enhancing AR experiences at live events and our technology, combined with ARound's exciting platform, will set a new benchmark in how fans interact with live sports and entertainment, offering them an engaging and memorable experience like never before," Matias Koski, CEO, Immersal. This groundbreaking partnership heralds a new era in fan engagement, offering sports teams, venues, and brands an unparalleled platform to connect with audiences. Combining ARound's interactive fan experiences with Immersal's precision technology, the stage is now set for a revolution in live entertainment. About ARound ARound is a first-of-its-kind stadium-level shared augmented reality platform and is part of the Stagwell Marketing Cloud, a proprietary suite of SaaS solutions built for the modern marketer. ARound keeps audiences engaged by capturing their attention through immersive, interactive and shared experiences with fellow fans across the venue. Where other AR products offer isolating, singular experiences, ARound's massive multi-user AR – which uses 3D spatial computing to localize content – redefines what it means to be part of a connected fan experience. It was the winner of Stagwell's annual innovation competition which invests in new product ideas proposed by the network's 13,000+ employees. ARound and the Stagwell Marketing Cloud are a part of Stagwell, the challenger network built to transform marketing. About Immersal Immersal, part of Hexagon, is building world-leading spatial mapping and visual positioning tools — the foundation of the metaverse. Founded in 2015, Immersal's team is based in Helsinki, Finland, and working with partners, developers and creators across the globe to reimagine how we explore, interact and create. Immersal also has sales offices in Hong Kong and in Silicon Valley, California, and is expanding its presence and partner networks globally. The company was acquired by Hexagon in 2021 and continues to pursue the vision of a metaverse built and experienced by everyone on any device. Hexagon has approximately 24,000 employees in 50 countries and net sales of approximately 5.2bn EUR.

Read More

Virtual Desktop Tools, Virtual Desktop Strategies

Leostream Enhances Security and Management of vSphere Hybrid Cloud Deployments

Business Wire | January 29, 2024

Leostream Corporation, the world's leading Remote Desktop Access Platform provider, today announced features to enhance security, management, and end-user productivity in vSphere-based hybrid cloud environments. The Leostream platform strengthens end-user computing (EUC) capabilities for vSphere users, including secure access to both on-premises and cloud environments, heterogeneous support, and reduced cloud costs. With the Leostream platform as the single pane of glass managing EUC environments, any hosted desktop environment, including individual virtual desktops, multi-user sessions, hosted physical workstations or desktops, and hosted applications, becomes simpler to manage, more secure, more flexible, and more cost-effective. Significant ways the Leostream platform expands vSphere’s capabilities include: Security The Leostream platform ensures data remains locked in the corporate network, and works across on-premises and cloud environments, providing even disparate infrastructures with the same levels of security and command over authorization, control, and access tracking. The Leostream platform supports multi-factor authentication and allows organizations to enforce strict access control rules, creating an EUC environment modeled on a zero-trust architecture. Multivendor/protocol support The Leostream platform was developed from the ground up for heterogeneous infrastructures and as the connection management layer of the EUC environment, the Leostream platform allows organizations to leverage vSphere today and other hypervisors or hyperconvergence platforms in the future as their needs evolve. The Leostream platform supports the industry’s broadest array of remote display protocols, including specialized protocols for mission-critical tasks. Consistent EUC experience The Leostream platform enables IT to make changes to the underlying environment while ensuring the end user experience is constant, and to incorporate AWS, Azure, Google Cloud, or OpenStack private clouds into their environment without disruptions in end-user productivity. By integrating with corporate Identity Providers (IdPs) that employees are already familiar with, and providing employees with a single portal they use to sign in, the Leostream platform offers simplicity to users too. Connectivity The Leostream Gateway securely connects to on-prem and cloud resources without virtual private networks (VPNs), and eliminates the need to manage and maintain security groups. End users get the same seamless login and high-performance connection across hybrid environments including corporate resources located off the internet. Controlling cloud costs The Leostream Connection Broker implements automated rules that control capacity and power state in the cloud, allowing organizations to optimize their cloud usage and minimize costs, such as ensuring cloud instances aren’t left running when they are no longer needed. The Connection Broker also intelligently pools and shares resources across groups of users, so organizations can invest in fewer systems, reducing overall cost of ownership. “These features deliver a streamlined experience with vSphere and hybrid or multi-cloud resources so end users remain productive, and corporate data and applications remain secure,” said Leostream CEO Karen Gondoly. “At a time when there is uncertainty about the future of support for VMware’s end-user computing, it’s important to bring these options to the market to show that organizations can extend vSphere’s capabilities and simultaneously plan for the future without disruption to the workforce.” About Leostream Corporation Leostream Corporation, the global leader in Remote Desktop Access Platforms, offers comprehensive solutions that enable seamless work-from-anywhere environments for individuals across diverse industries, regardless of organization size or location. The core of the Leostream platform is its commitment to simplicity and insight. It is driven by a unified administrative console that streamlines the management of users, cloud desktops, and IT assets while providing real-time dashboards for informed decision-making. The company continually monitors the evolving remote desktop landscape, anticipating future trends and challenges. This purposeful, proactive approach keeps clients well-prepared for the dynamic changes in remote desktop technology.

Read More

Virtualized Environments

Vuzix Introduces Z100 Smart Glasses to Seamlessly Connect Workers with AI Optimization Tools

PR Newswire | January 10, 2024

Vuzix Corporation, a leading supplier of smart glasses and augmented reality (AR) technology and products, today announced the unveiling of Vuzix Z100 smart glasses, which will initially be offered as a developer's edition. Built using the Vuzix Ultralite OEM PlatformSM, these safety glasses-certified smart glasses are sleek and made for all day wear. Using them, workers get a human-centered connection to AI and work process applications, receiving critical updates, convenient workflow and task confirmations, and notifications in real time, all while wearing a pair of glasses that workers will enjoy having on. Vuzix Z100 smart glasses pair seamlessly via Bluetooth with Android or iOS IOT devices. They represent the first attractive, functional bridge between AI platform tools, where situational guidance can streamline workflows, and human workers can reap the benefits of a truly connected workplace. In addition to a lightweight AI interface, Vuzix Z100 glasses can augment the data feed from finger scanners, sensors, controllers, and other equipment with minimal native UI, making that data available in a new and highly accessible format. Tasks with sub-standard user feedback due to device or process limitations can now have their workflows displayed in the user's heads up display, providing human-centered outputs and real-time updates. Running up to 48 hours on a single charge, Vuzix Z100 smart glasses pack industry-defining heads-up waveguide technology into a sleek, fashionable form factor that weighs in at just 35 grams – the weight of a standard pair of glasses. Advanced monocular waveguide optics, combined with Vuzix' custom micro display engine, create a crisp, transparent, monochrome image that can deliver all the important information on a user's Android or iOS device, hands-free right before their eyes. Wearers get heads-up access to important task information, from language translation and closed captioning, to directions, to health and workout status, to messaging, workflow outputs and much more. Best of all, Vuzix Z100 smart glasses provide a sleek, attractive form factor that frontline employees will want to wear. "The Z100 takes enterprise use of AR smart glasses to the next level, providing workers with a hands-free wearable that is indistinguishable from a pair a standard glasses," said Paul Travers, President and Chief Executive Officer at Vuzix. "This rollout is in overwhelming response to interest expressed by enterprise customers in an attractive and light weight pair of smart glasses that can augment current workflows with AI optimization software. There are customers across numerous market verticals and use cases that we believe will embrace this product as fashionable and affordable productivity device that workers will enjoy wearing all day every day." About Vuzix Corporation Vuzix is a leading designer, manufacturer and marketer of Smart Glasses and Augmented Reality (AR) technologies and products for the enterprise, medical, defense and consumer markets. The Company's products include head-mounted smart personal display and wearable computing devices that offer users a portable high-quality viewing experience, provide solutions for mobility, wearable displays and augmented reality, as well OEM waveguide optical components and display engines. Vuzix holds more than 350 patents and patents pending and numerous IP licenses in the fields of optics, head-mounted displays, and augmented reality Video Eyewear field. Moviynt, an SAP Certified ERP SaaS logistics solution provider, is a Vuzix wholly owned subsidiary. The Company has won Consumer Electronics Show (or CES) awards for innovation for the years 2005 to 2024 and several wireless technology innovation awards among others. Founded in 1997, Vuzix is a public company with offices in: Rochester, NY; Munich, Germany; and Kyoto and Tokyo, Japan.

Read More

Virtualized Environments

ARound and Immersal Team Up to Revolutionize Augmented Reality in Sports and Live Entertainment

PR Newswire | January 05, 2024

ARound, the pioneering shared augmented reality (AR) platform, part of Stagwell, is excited to announce a groundbreaking partnership with Immersal, leaders in spatial computing and AR localization technology, and part of Hexagon. By creating a turn-key WebAR solution for stadium AR, this partnership facilitates easier integration of shared AR experiences for teams, venues, and events, broadening the scope of interactive fan engagement. ARound and Immersal are poised to announce their inaugural collaboration with a major sports league next month, marking a significant milestone in bringing this innovative vision to life. This partnership combines ARound's connected, shared AR technology that has transformed live fan experiences for professional sports teams across three professional leagues – MLB, NBA, NFL – including the Minnesota Twins, Los Angeles Rams, Kansas City Royals, and the Cleveland Cavaliers, with Immersal's visual positioning system (VPS) that creates centimeter-accurate, large-scale indoor and outdoor AR experiences. "This partnership is a game-changer in the world of sports and live entertainment as we collaborate to make stadium AR experiences more accessible and ubiquitous to all fans and types of events," said Josh Beatty, founder and CEO, ARound. "By integrating our fan engagement platform with Immersal's robust localization technology, we can seamlessly create dynamic digital experiences that put fans at the center of the action while scaling to new audiences around the world." The integration of ARound and Immersal technologies yields greater access and broader use cases of AR experiences through WebAR, enhancing the overall quality and ease of integration for in-stadium entertainment. Fans can interact with live events in real-time, participating in AR games, accessing real-time game content, and enjoying shared experiences with fellow attendees, all from their smartphones without the need for a standalone app. Brands and sponsors will also now be able to connect with audiences in innovative, meaningful ways, enhancing their marketing mix and creating new avenues for engagement. "We're committed to innovating and enhancing AR experiences at live events and our technology, combined with ARound's exciting platform, will set a new benchmark in how fans interact with live sports and entertainment, offering them an engaging and memorable experience like never before," Matias Koski, CEO, Immersal. This groundbreaking partnership heralds a new era in fan engagement, offering sports teams, venues, and brands an unparalleled platform to connect with audiences. Combining ARound's interactive fan experiences with Immersal's precision technology, the stage is now set for a revolution in live entertainment. About ARound ARound is a first-of-its-kind stadium-level shared augmented reality platform and is part of the Stagwell Marketing Cloud, a proprietary suite of SaaS solutions built for the modern marketer. ARound keeps audiences engaged by capturing their attention through immersive, interactive and shared experiences with fellow fans across the venue. Where other AR products offer isolating, singular experiences, ARound's massive multi-user AR – which uses 3D spatial computing to localize content – redefines what it means to be part of a connected fan experience. It was the winner of Stagwell's annual innovation competition which invests in new product ideas proposed by the network's 13,000+ employees. ARound and the Stagwell Marketing Cloud are a part of Stagwell, the challenger network built to transform marketing. About Immersal Immersal, part of Hexagon, is building world-leading spatial mapping and visual positioning tools — the foundation of the metaverse. Founded in 2015, Immersal's team is based in Helsinki, Finland, and working with partners, developers and creators across the globe to reimagine how we explore, interact and create. Immersal also has sales offices in Hong Kong and in Silicon Valley, California, and is expanding its presence and partner networks globally. The company was acquired by Hexagon in 2021 and continues to pursue the vision of a metaverse built and experienced by everyone on any device. Hexagon has approximately 24,000 employees in 50 countries and net sales of approximately 5.2bn EUR.

Read More

Events