VMware Launches Service-Defined Firewall for Intrinsic Security

New Zealand-based outdoor clothing retailer Kathmandu is urgently investigating a potential breach of customer card data harvested from its websites. There are a number of different ways to think about security and how it should be implemented. For Tom Gillis, senior vice president and general manager for Networking and Security at VMware, security should be an intrinsic capability. An intrinsic security capability is not one that is bolted on, but rather is deeply integrated into the operational workflow of a given deployment. As part of VMware's intrinsic security approach, the company recently announced its Service-Defined Firewall, which is an intent-based system to help automatically determine firewall policies for workloads. In a video interview with eWEEK, Gillis outlines what the intrinsic security model is all about. "The approach that most infrastructure companies take is, 'Hey, let's take security and integrate it.' That makes it more convenient to deploy and consume, but you're not changing the way the firewall behaves," Gillis said. "When I talk about intrinsic security, I'm talking about the things that we can do uniquely, the things that are intrinsic to the virtualization platform." Gillis added that the virtualization platform provides the ability to inspect every packet, since it's already part of the data path. Virtualization also provides insight into the topology and components of an application, which makes it easier for a security control to fully understand what is going on.