VMware Service-defined Firewall is a network security solution designed specifically to mitigate threats inside a data center or cloud network. This new approach to firewalling establishes a verified understanding of known good application behavior and generates adaptive security policies to shrink the application attack surface consistently, across on-premises and multi-cloud environments.
Curious about the attacks the Service-defined Firewall can mitigate? Read this report on the attack vectors we tested it against.
Service-defined Firewall leverages its position in the hypervisor for full stack visibility and control of applications and the services that comprise them. This lets it generate and enforce security policies at both the network level and the process level of applications, without the need for additional agents on the workload.
Application Verification Cloud combines artificial intelligence with human intelligence and applies both to the problem of building and verifying a model of “known good” application behavior. Armed with a verified model of known good application behavior, the Service-defined Firewall easily defines policies to ensure that run-time behavior doesn’t deviate.
Because the Service-defined Firewall is delivered in software, it can run everywhere applications run, ensuring consistent enforcement of security policies across VMs, containers, or bare metal servers, whether they are hosted on-premises or in the public cloud.
You wouldn’t use a screwdriver to dig a hole in the ground, so why use a perimeter firewall to secure the inside of your network? Shrinking the attack surface inside the network perimeter is complicated and requires a specialized tool. VMware Service-defined Firewall is exactly that, a purpose-built solution for protecting your applications against lateral movement and other attack vectors unique to the inside of your environment.