ForeScout Technologies has introduced its ForeScout data center security solution for VMware environments. Expanding on its existing technology collaboration with VMware, ForeScout’s data center security solution will now provide enhanced security and compliance for organisations by discovering, classifying and assessing endpoints across traditional and software-defined data centers. ForeScout will help VMware NSX® customers further improve security through consolidated visibility across virtual and physical infrastructures, reduced attack surface and enforced segmentation policies in heterogeneous environments.
“As enterprises shift from traditional to software-defined data centers, IT organisations are struggling to detect rogue, non-compliant, unmanaged virtual machines and devices,” said Michael DeCesare, president and CEO, ForeScout. “While virtualisation and cloud solutions provide much needed flexibility, having comprehensive visibility in those environments is essential to preventing blind spots. ForeScout’s interoperability with VMware NSX is part of our broader strategy to help provide customers with visibility and control across their network infrastructure from the campus to data center to cloud. You can only secure what you can see.”
As networks continue to evolve and organisations adopt IoT devices and virtualisation, cyberattacks can take advantage of any visibility and control gaps. If rogue, non-compliant, unapproved, zombie and orphan virtual machines go undetected, they can increase an organisation’s attack surface and open the door for hackers to exploit weak links, access shared resources, or move laterally across a network to obtain sensitive information. As such, organisations need visibility across the network infrastructure to validate virtual machine and device properties as well as stronger security controls to prevent new attack vectors.
Security analysts leveraging ForeScout’s new data center security solution for VMware will be able to maximise existing security investments to improve the following:
· Visibility: Improve visibility into software-defined data centers as virtual machines are created, moved, off-lined or retired. Validate virtual machine properties using a policy-based approach to help true-up asset inventories and configuration management databases (CMDB) with more up-to-date information about connected virtual machines and their associated properties.
· Compliance: Assist customers in adhering to security best practices and virtual machine hardening standards. Automate compliance checks to measure against standardised guidelines and initiate remediation actions to mitigate risk from non-compliant or rogue virtual machines.
· Resource Optimisation: Help maximise capacity of virtual machine infrastructures and optimise utilisation by proactively identifying zombie and orphan virtual machines to reduce virtual machine sprawl and prevent unnecessary consumption of resources.
· Risk Mitigation and Response: Verify security profile and posture of virtual machines and apply appropriate VMware NSX security tags to enforce segmentation policies, isolate non-compliant endpoints and facilitate remediation actions.