What is VMware AppDefense?
One of the exciting announcements to come out of VMworld was the release of AppDefense. This security product bolsters what VMware NSX can do from a security standpoint: it augments NSX's features and extends the proactive actions that can be taken when a security event happens. What is VMware AppDefense, and what can it do for an organization from a security standpoint?
What is VMware AppDefense?
VMware AppDefense builds on the security foundation of VMware NSX. NSX allows organizations to implement microsegmentation at the hypervisor level, so that only the systems that need access to a given resource in the environment are granted it. This extends beyond simple IP access rules, as policy can be built from dynamic groups composed of Active Directory users, as well as on attributes such as machine name or OS version.
AppDefense takes the security posture of NSX one step further by securing the endpoint itself if anything malicious makes it through the network defenses. It proactively detects such activity and automatically triggers responses from the vSphere layer. The automatic responses can include:
- Blocking process communication
- Snapshotting a VM for forensic analysis
- Suspending or shutting down a VM if malicious software is detected
The core of AppDefense focuses on protecting applications that are running in virtualized or cloud environments. It creates a least-privilege environment on the compute stack. With any given system, there are many processes running behind the scenes. Attackers constantly target running processes to manipulate, add, or alter them. AppDefense enforces the model of least privilege: it watches the running processes and makes sure they continue to run as they were initially intended to run.
Provisioning AppDefense is simple. You turn it on, and it plugs into the hypervisor and starts learning about the environment. You then tell the system what you want to happen if what is running doesn’t match what was intended to run. This helps to shrink the overall attack surface. AppDefense also adds tremendous value for the third-party ecosystem, since partners can tap into the power of AppDefense with their own products.
AppDefense has built-in defenses to protect itself as well. It is part of the VMware hypervisor and has a special, isolated, protected process that continually monitors virtual machines. This drastically reduces the likelihood of AppDefense being compromised.
Takeaways
What is VMware AppDefense? As shown, it is a powerful new tool that takes the security of NSX a step further by implementing and enforcing least privilege for running processes and ensuring those processes are still running as they were intended to run, without manipulation. AppDefense will also help to extend the partner ecosystem, with security products now able to tie into the power of AppDefense with NSX and continue to enforce the integrity of production workloads.