VIRTUAL DESKTOP STRATEGIES
VMware | August 08, 2022
VMware, Inc. introduced VMware Carbon Black Workload for Amazon Web Services (AWS) to deliver advanced protection purpose-built for securing both traditional and modern workloads. Using a single unified console that integrates into existing infrastructure, security and information technology (IT) teams can reduce attack surface and strengthen security postures, while achieving consistent and unified visibility for workloads running on AWS, VMware Cloud and on-premises.
“Security and IT teams lack visibility and control in highly dynamic and distributed environments, VMware Carbon Black Workload for AWS improves collaboration between these teams via a single consolidated platform for all workloads, regardless of where they’re running, to help defenders see and stop more threats. This real-time visibility into workloads helps prevent attacks on your most valuable assets and provides AWS customers a finite surface area to protect.”
Jason Rolleston, vice president of product management and co-general manager for VMware’s Security Business Unit
By enabling security teams to see workloads that are ephemeral and transient in nature, VMware Carbon Black Workload for AWS provides authoritative context to help AWS customers better secure modern applications. Automatic gathering and listing of vulnerabilities help identify risk and harden workloads, further shrinking the attack surface, while CI/CD packages for sensor deployment further simplify agent lifecycle management. Additionally, by onboarding their AWS account, AWS customers can achieve more complete, comprehensive, and deeper visibility into the workloads that extend beyond when the VMware Carbon Black Workload sensor was first deployed.
VMware Carbon Black Workload for AWS combines foundational vulnerability assessment and workload hardening with next-generation antivirus (NGAV) to analyze attacker behavior patterns over time and help stop never-seen-before attacks. With enterprise threat hunting for workloads that includes behavioral endpoint detection and response (EDR), AWS customers can turn threat intelligence into a prevention policy to avoid hunting for the same threat twice. This telemetry feeds into VMware Contexa, a full-fidelity threat intelligence cloud that shrinks the gap between attackers and defenders while enabling greater visibility, control, and anomaly detection for workloads.
Learn more about VMware Carbon Black Workload for AWS on our blog, view the listing in AWS Marketplace, and register for VMware Explore to attend hands-on labs and workshops demonstrating VMware’s advanced workload protection capabilities.
About VMware
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.
Read More
SERVER VIRTUALIZATION
Napatech | July 06, 2022
Napatech™ the leading provider of programmable Smart Network Interface Cards (SmartNICs) used for Data Processing Unit (DPU) and Infrastructure Processing Unit (IPU) services in telecom, cloud, enterprise, cybersecurity and financial applications worldwide, today announced a set of new SmartNIC capabilities that enable standard, unmodified applications in edge and core data centers to benefit from offloaded and accelerated compute and networking functions.
As enterprises, communications service providers and cloud data center operators deploy virtualized applications and services in edge and core data centers, they increasingly leverage workload-specific coprocessors to offload functions such as Artificial Intelligence (AI), Machine Learning (ML), storage, networking and infrastructure services from general-purpose server CPUs. This architectural approach not only maximizes the availability of server compute resources for running applications and services but also improves system-level performance and energy efficiency by running the offloaded workloads on devices optimized for those specific tasks such as programmable SmartNICs, also known as Data Processing Units (DPUs) or Infrastructure Processing Units (IPUs).
Thanks to this offload trend as well as an acceleration in global data center deployments, programmable SmartNICs represent the fastest-growing segment of the NIC market, with a Total Available Market (TAM) forecasted to reach $3.8B/year by 2026 according to Omdia.
To maximize the portability of their software and to accelerate their time-to-market, developers of cloud applications and services incorporate industry-standard Application Programming Interfaces (APIs) and drivers within their software. Data center operators therefore need to be able to select offload solutions that are compatible with the relevant standards, to avoid having to create custom, vendor-specific versions of their software. The latest upgrade to Napatech's Link-Virtualization™ software, release 4.4, addresses this challenge by incorporating networking and virtual switching features that implement full support for the relevant open standards, while delivering best-in-class performance and functionality.
Specifically, Link-Virtualization now supports a fully hardware-offloaded implementation of the Virtio 1.1 Input/Output (I/O) virtualization framework for Linux, including the standard kernel NIC interface, which means that guest Virtual Machines (VMs) do not require a custom or proprietary driver. Link-Virtualization also supports the open-standard Data Plane Development Kit (DPDK) fast-path running in guest VMs to maximize the performance of functions such as Open Virtual Switch (OVS). Link-Virtualization is also fully compatible with OpenStack, allowing a seamless integration into cloud data center environments worldwide.
Other new features incorporated in Link-Virtualization include IPv6 VxLAN tunneling, RPM-based setup for OpenStack Packstack, configurable Maximum Transmission Unit (MTU), live migration on packed ring, port-based Quality of Service (QoS) egress policing and more. The software is available on Napatech's portfolio of SmartNICs, powered by AMD (Xilinx) and Intel FPGAs, that span 1 Gbps, 10 Gbps, 25 Gbps, 40 Gbps, 50 Gbps and 100 Gbps port speeds.
As one example of the industry-leading performance delivered by Link-Virtualization, the complete offload of the OVS data path onto the SmartNIC means that only a single host CPU core is required to run the OVS control plane while delivering industry-leading throughput of 55 million packets per second for Port-to-VM-to-Port (PVP) traffic and 130 million packets per second for Port-to-Port (PTP) traffic. Reclaiming host CPU cores previously required to run OVS and making them available to run applications and services leads to a significant reduction in the number of servers required to support a given workload or user base. This in turn drives significant reductions in overall data center CAPEX and OPEX. It also results in lower system-level power consumption and improved energy efficiency for the edge or cloud data center. To aid in the estimation of cost and energy savings for specific use cases, Napatech provides an online ROI calculator, which data center operators can use to analyze their projected savings.
"Napatech's Link-Virtualization software enables data center operators to optimize the performance of their networking infrastructure in a completely standards-compatible environment, which maximizes their flexibility in selecting applications, Besides full support for standard APIs, the solution also incorporates critical operational features such as Receive Side Scaling (RSS) for efficiently distributing network traffic to multiple VMs and Virtual Data Path Acceleration (vDPA), which enables the live migration of running workloads to and from any host, whether or not a SmartNIC is present."
Napatech CMO Jarrod J.S. Siket
About Napatech
Napatech is the leading supplier of programmable FPGA-based SmartNIC solutions used in telecom, cloud, enterprise, cybersecurity and financial applications worldwide. Through commercial-grade software suites integrated with robust, high-performance hardware, Napatech accelerates telecom, networking and security workloads to deliver best-in-class system-level performance while maximizing the availability of server compute resources for running applications and services.
Read More
VIRTUAL DESKTOP TOOLS
Trellix | July 19, 2022
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: Summer 2022, analyzing cybersecurity trends and attack methods from the first quarter of 2022.
The report features research from Trellix Threat Labs into connected healthcare and access control systems. It also includes analysis of email security trends and details the evolution of Russian cybercrime related to the conflict in Ukraine where new malware or methods have yet to be observed. Key findings:
Increased Threats to Business Services: Companies providing IT, finance and other types of consulting and contract services were targeted by adversarial actors more often, demonstrating cybercriminals desire to disrupt multiple companies with one attack. Business services accounted for 64% of total U.S. ransomware detections and was the second most targeted sector behind telecom across global ransomware detections, malware detections, and nation-state backed attacks in Q1 2022.
Ransomware Evolution: Following the January arrests of members of the REvil ransomware gang, payouts to attackers declined. Trellix also observed ransomware groups building lockers targeting virtualization services with varied success. Leaked chats from the quarter’s second most active ransomware gang, Conti, which publicly expressed allegiance to the Russian administration, seem to confirm the government is directing cybercriminal enterprises.
Email Security Trends: Telemetry analysis revealed phishing URLs and malicious document trends in email security. Most malicious emails detected contained a phishing URL used to steal credentials or lure victims to download malware. Trellix also identified emails with malicious documents and executables like infostealers and trojans attached.
“With the merging of our digital and physical worlds, cyberattacks cause more chaos in our daily lives, Adversaries know they are being watched closely; the absence of new tactics observed in the wild during the war in Ukraine tells us tools are being held back. Global threat actors have novel cyber artillery ready to deploy in case of escalation and organizations need to remain vigilant.”
-Christiaan Beek, Lead Scientist and Senior Principal Engineer, Trellix.
The Threat Report: Summer 2022 leverages proprietary data from Trellix’s network of over one billion sensors, open-source intelligence and Trellix Threat Labs investigations into prevalent threats like ransomware and nation-state activity. Telemetry related to detection of threats is used for the purposes of this report. A detection is when a file, URL, IP-address, suspicious email, network behavior or other indicator is detected and reported via the Trellix XDR ecosystem.
Additional Resources
Trellix Threat Center
Trellix Threat Labs Blog
The Threat Report: Summer 2022
About Trellix-
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security.
Read More