vSphere delivers comprehensive, built-in security and is the heart of a secure Software-Defined Data Center (SDDC), delivering secure applications, infrastructure, data, and access.
Protect the integrity of applications running on vSphere, with machine learning and behavioral analytics to monitor against threats and automate or orchestrate responses. vSphere provides visibility into an application’s intended behavior, as well as a detailed inventory of application assets and context. It reduces the attack surface and improves the accuracy and response time to potential threats by tracking any deviations from an application’s “known good state” using machine learning.
vSphere provides a policy driven comprehensive end to end security architecture. vSphere assures integrity for the hypervisor and supports remote host attestations with support for TPM 2.0 hardware modules. The introduction of virtual TPM 2.0 provides support for guest operating system security policies. Prevent images from being tampered with and the loading of unauthorized components with vSphere Secure Boot.
Secure data both at rest and in motion with virtual machine (VM) encryption and encrypted cross-vCenter vMotion. Encrypted VMs not only increase their security posture, but also make protecting data at rest as easy as a mouse click. Protect data in motion with encrypted vMotion across different vCenter instances as well as versions, making it easy to securely conduct data center migrations, including moving data across a hybrid cloud environment (between on-premises and public cloud) or across geographically distributed data centers.
vSphere delivers enhanced audit-quality logging capabilities that provide forensic information about user actions. This enables authorized administration and control by providing high-fidelity visibility into vSphere operations. IT can now better understand who did what, when, and where if an investigation into anomalies or security threats requires it.