VMware's Service-Defined Firewall Aims to Massively Reduce the Attack Surface

Last week at the RSA Conference in San Francisco, VMware Inc. announced it was launching a new VMware Service-Defined Firewall, a first of its kind in the industry, according to the company.This "internal firewalling" approach aims to reduce the attack surface for both cloud and on-premises environments by combining the capabilities of VMware's NSX platform and its AppDefense security product."Intrinsic security is different than integrated security," said Tom Gillis, VMware's senior vice president and general manager, networking and security business unit, in a prepared statement. "Integrated security repackages existing solutions, such as taking a traditional firewall and making it a blade in a data center switch. It doesn't fundamentally change the firewall. Intrinsic security takes advantage of the unique attributes that are built in to the virtualization platform, allowing us to create very new and unique security services. The new VMware Service-defined Firewall is focused on internal network firewalling and changes the game by validating known good application behavior, rather than chasing threats.