New enhancements include Self-Service Lateral Security with VCF Automation, Unified Lateral Threat Prevention for VMs and VKS Workloads, High-Performance Threat Prevention with IDPS Turbo Mode, and Enhanced Distributed Firewall capabilities.
The rapid adoption of production AI workloads is reshaping the enterprise technology landscape, driving the growth of Kubernetes environments alongside existing VM-based infrastructure. As organizations deploy AI agents and AI workloads across private cloud environments spanning VMs and Kubernetes, the attack surface becomes larger and more dynamic. The result is a rapidly evolving threat landscape, driving the need to secure both VM- and Kubernetes-based environments efficiently and consistently.
Recent incidents, including the CISA-reported BRICKSTORM malware activity and the rise of AI-assisted semi-autonomous cyberattacks, underscore that adversaries are now operating at machine speed. At the same time, enterprises face several practical challenges: reducing the attack surface to prevent lateral propagation of threats, securing workloads at the speed of application deployments, enforcing consistent security across VMs and Kubernetes environments, delivering the performance required for AI and high-capacity workloads, and consolidating security within the core platform rather than relying on fragmented point solutions.
VMware vDefend is integrated with the VMware Cloud Foundation (VCF) platform, providing plug-and-play zero-trust lateral security that protects modern distributed workloads, including AI and high-performance computing, without compromising the performance and agility they demand.
vDefend’s hypervisor-native, distributed, software-defined model provides a closed-loop security architecture that uniquely enables visibility, prevention, detection, and mitigation for comprehensive multi-layer defense. Additionally, vDefend’s distributed policy orchestration allows policies to be created once and automatically enforced as workloads are created or moved.
New vDefend innovations for VCF 9.1
- Self-Service Lateral Security with VCF Automation: VCF Automation’s Self-Service Lateral Security enables infrastructure and security teams to establish guardrails, such as predefined VPC security profiles and delegated distributed firewall (DFW) settings, allowing tenant admins to access security features on demand. This facilitates quicker application onboarding and ensures a uniform security baseline across all tenants.
- Unified Lateral Threat Prevention for VMs and VKS Workloads: As agentic AI and cloud-native applications drive Kubernetes adoption, VMware vSphere Kubernetes Service (VKS) clusters can now be inspected and protected by the same high-performance distributed IDS/IPS that currently secures VMs. Security teams get one console, one policy model, and consistent lateral threat prevention across VMs, containers, and bare-metal workloads, eliminating the blind spots attackers exploit. Customers deploy IDS/IPS (1) to meet compliance requirements (PCI-DSS and HIPAA) and (2) to enable virtual patching that quickly protects against software vulnerabilities while patches are rolled out enterprise-wide.
- High-Performance Lateral Threat Prevention: The new IDPS Turbo Mode delivers 3x throughput, increasing from 3 Gbps to 9 Gbps per host and up to 9 Tbps per VCF domain, enabling security teams to deliver virtual patching against software vulnerabilities and behavioral threat detection for modern AI and high-capacity workloads.
- Enhanced Distributed Firewall Capabilities: Application Identification support increases 5x, giving greater L7 visibility and simpler, more granular security enforcement. Additionally, identity-based firewalling now supports a federated (multi-site) environment for consistent, simplified policy enforcement.
Read the full blog by Prashant Gandhi here.