Intrinsic security is a different approach to securing workloads which VMware strives to encourage customers to adopt. It leverages the infrastructure and control points natively across any app, cloud or device, combined with threat intelligence.

In August 2019, VMware acquired Carbon Black for $2.1B, a company focused on securing modern cloud-native workloads. One of the biggest announcements of VMworld 2020 included VMware launching VMware Carbon Black Cloud Workload.

This new product provides agentless security for virtual machines on vSphere. This solution greatly simplifies the operations in the virtual environment while reducing the surface of attack and enforcing internal policy compliance. No more deploying and managing antivirus software with costly vulnerability scans across all the virtual machines every night.

Carbon Black will be able to protect all kinds of devices ranging from Windows and Linux to Cloud workloads in GCP or AWS and in the future Kubernetes into Tanzu.

The security aspect is now a native part of the virtual machine’s lifecycle which will also reduce the risk of rogue VMs with no antivirus. VMware is also working on integrating it with Kubernetes environments.

The security risk console is embedded into vCenter Server via a vSphere plug-in and provides the same information as the Carbon Black Cloud interface with an inventory of the protected VMs per OS, vulnerability management. You can sort the view per workload or per vulnerability and gain insight into the threats in your environment.

You can display workloads that have the protection deployed and which need to be protected. The protection of a VM can be enabled in vCenter by a single click of a button. Once the protection is enabled on a workload, you gain almost instant visibility of all the vulnerabilities that an asset has, sorted per risk. You can drill down to the vulnerability and get insight into its nature and how to mitigate it.

The Next-Generation Anti-Virus feature (NGAV) that checks the workloads against more than 2000 threat artefacts offers the ability to apply prevention policies and provides a full view of behavioural events while protecting against malware and non-malware based attacks.

Conclusion

Once again VMware strikes with a company acquisition onboarded into their portfolio in just one year. The company’s drive towards native security compliance and cloud enablement fits nicely with its roadmap for a comprehensive cloud offer.

Would you prefer carrying one multi-purpose screwdriver without different size heads tucks into the handle or a range of 20 different sized screwdrivers? This is the analogy that can be used for Carbon Black against Legacy third-party Anti-virus vendors. Many infrastructure engineers and administrators will be interested in this new product as it will enable them to seamlessly manage the security and risk environment from the comfort of their vCenter server while removing the overhead of managing antivirus versions and deploying an agent for each vendor-centric feature on each and every VM in the datacenter.

VMware Carbon Black Cloud Workload will be generally available in November 2020.

Note that VMware will offer a free trial of VMware Carbon Black Workload Essentials for current vSphere and VCF customers through April 2021.