VMware VMWorld is one of the pinnacle events that take place each year in the world of virtualization and technology in general. As is typically the case, there was exciting news coming out of VMWorld this past week with new vSphere releases. The first day of VMWorld included announcements from VMware citing the release of VMware vSphere Platinum and vSphere 6.7 Update 1. Both of the announced releases are a continuation of the evolution of the VMware vSphere product line featuring exciting new features and functionality for the enterprise. VMware’s releases continue the progress of what is termed the digital revolution that many organizations are undergoing.
Let’s take a look at both VMware vSphere Platinum and vSphere 6.7 Update 1 and see the new features and functionality contained within both.
VMware vSphere Platinum Features
VMware certainly has set its sights on the security realm and solving many of the business problems that have security as the focus. We have seen the evolution of VMware with a security focus with the continued functionality contained within NSX as well as the new VMware AppDefense product. With the new security focused VMware, the new VMware vSphere Platinum release should come as no surprise.
VMware vSphere Platinum is a release of vSphere that sets its sights on security as the primary focus. Let’s see what is contained within the Platinum offering. VMware vSphere Platinum contains these key features focused on security:
- Brings together the best security features of vSphere combined with AppDefense
- Allows purpose-built security focused VMs
- Using VMware AppDefense, the intended behavior of a virtual machine can be determined
- AppDefense creates a baseline for a virtual machine of running processes, etc., that allows profiling of the behavior. If behavior falls outside the scope of the normal behavior profile, security remediation actions are invoked
- A deviation from the known good “state” of a virtual machine is treated as a change that AppDefense can then remediate
- Allows visibility for vSphere administrators to see what behavior virtual machines are exhibiting in normal scenarios vs a compromised state
- Provides application visibility for both vSphere administrators as well as security teams to understand the connections made and behavior of business-critical applications
VMware vSphere Platinum uses VMware AppDefense.
What is VMware AppDefense?
AppDefense creates a baseline of activity and application intent on a virtual machine. You can think of it as creating a fingerprint for a “good” VM state. If the fingerprint changes for the virtual machine, the known good “identity” of the virtual machine is viewed as changed. AppDefense uses machine learning to profile the virtual machine. It provides the following:
- Application-centric alerting for the SOC – Doesn’t produce the noise that many threat monitoring solutions do. It is intelligent and only alerts when there is a reason to raise alarm
- Provides contextual intelligence that removes guesswork in determining changes that are legitimate and those that are perhaps caused by threats
- AppDefense responds with precision by utilizing VMware NSX Data Center to automatically block process communication, snapshot the VM for forensic analysis, or suspend/shut down the virtual machine
- Self-protecting – AppDefense runs in the hypervisor inside a protected, isolated environment that guards it against being compromised
VMware vSphere Platinum also makes use of the following:
- FIPS 140-2 VM Encryption and encrypted vMotion across vCenters – Protects data in flight and at rest
- Secure Boot for ESXi – Protects the boot environment on the ESXi host itself from compromise and ensures the boot environment only runs signed code
- Secure Boot for VMs – This provides the same security functionality to protect the boot environment of the virtual machine from compromise
- TPM 2.0 support for ESXi – Ensures hypervisor integrity by assisting validation of the secure boot process through attestation
- Virtual TPM 2.0 – This provides the attestation for guest operating system security features
- Support for Microsoft Virtualization Based Security – Microsoft VBS provides security features such as Credential Guard, which protects credentials
The vSphere Platinum version is certainly focused on security. Keep in mind that current vSphere versions (vSphere 6.7, etc.) have many of the same security features built in, such as encryption, secure boot and VBS capability. However, vSphere Platinum adds AppDefense bundled in and provides the entire bundle of the vSphere suite geared toward security.
VMware vSphere 6.7 Update 1
The newest release of vSphere, dubbed vSphere 6.7 Update 1, is an exciting step forward for the vSphere suite of products in a number of ways. Perhaps the most appealing aspect of this version of vSphere is that it is the first official release of vSphere sporting the fully functional HTML5 vSphere web client. For quite some time now VMware has teased the release of the fully functional HTML5 interface that will take the place of the “Flex” Adobe Flash powered client. With each new version the HTML5 UI has been more and more complete. With vSphere 6.7 Update 1, the fully functional release has come to fruition.
What new features are included in vSphere 6.7 Update 1?
- HTML5 vSphere Client fully functional – No more switching between administrative interfaces to accomplish workflows. While all have been excited to use the HTML5 vSphere client in each release, it has been cumbersome to switch between the two to accomplish real workflows. The wait is over for the one pane of glass management interface with this release.
- vCenter Server Converge Tool – This has been a highly anticipated tool to allow migrating from external Platform Services Controller configurations to the embedded PSC architecture
- New HCI and vSAN enhancements – New vSAN enhancements, including unmapping feature, Firmware updates through VUM and Cluster Quickstart Wizard
- Enhanced Content Library – This new feature allows importing OVA templates from an HTTPS endpoint and local storage as well as synchronizing content from OVA templates to other vCenter Servers
- vMotion for NVIDIA vGPU and support for Intel FPGA – New capabilities enhancing the operational flexibility and utilization of accelerated NVIDIA vGPU solutions. Additionally, VMware has expanded hardware support for Intel FPGA
Concluding Thoughts
The VMware releases that happened at VMWorld 2018 have certainly been exciting. Included among those is the vSphere Platinum release, which is part of the VMware vSphere 6.7 Update 1 release, which is itself also new. VMware has set its sights on security with the Platinum release. This release bundles all the relevant security features contained in vSphere along with AppDefense.
AppDefense is VMware’s new application security solution that baselines virtual machines and creates a state profile that is used to recognize any change in the state that would alert to malicious activity or possible compromise. With vSphere Platinum, AppDefense is tightly integrated with vSphere, allowing the two products to be managed in a seamless fashion. VMware vSphere 6.7 Update 1 is the latest and greatest release from VMware that touts all the latest features including the new fully functional HTML5 interface.
Additional enhancements include the vCenter Server Converge utility that helps migrate from the external Platform Services Controller to the embedded PSC architecture, new vSAN and HCI enhancements, enhanced content library, and support for NVIDIA vGPU and support for Intel FPGA. With all of the new features, this is certainly the most powerful vSphere release to date and will certainly be a worthy successor for organizations to look to for an upgrade.