Login

VMware Ups Its Cyber-Resiliency Game With NSX+ and Ransomware Recovery

VMware Ups Its Cyber-Resiliency Game With NSX+ and Ransomware Recovery

The News: At its VMware Explore conference, VMware announced new and enhanced existing capabilities for cyber-resiliency. Specifically, it launched its VMware NSX+ and NSX+ VPCs offerings, and it enhanced its Ransomware Recovery service. Additional detail is available in VMware’s press release.

VMware Ups Its Cyber-Resiliency Game With NSX and Ransomware Recovery

Analyst Take: Cyber-crime is continually on the rise and evolving. As a result, approaches for software-defined networking (SDN) are evolving to embrace principles of Zero Trust, in order to inhibit malicious access to the IT environment. Additionally, The Futurum Group sees demand for post-attack forensics and accelerated attack recovery. Arguably most critical is the ability to streamline operations for security and operations teams, to facilitate necessary collaboration against a backdrop of limited headcount and a rapidly changing threat landscape.

In response to these challenges, VMware launched its Ransomware Recovery Solution in Fall 2022. Futurum Labs had the opportunity to audit this solution. As will be discussed in our forthcoming Lab Insight report, we found the offering to be highly scalable, with value-adds including the ability to create secure copies via the Scale-out Cloud File System, as well as the ability to create customizable, automated disaster recovery (DR) workflows and orchestration.

As announced at VMware Explore 2023, VMware is enhancing its Ransomware Recovery service for cyber-resiliency that is sold as an add-on to VMware Cloud Disaster Recovery. The offering is designed to accelerate ransomware recovery with minimal data loss, and it is delivered as an integrated software-as-a-service (SaaS) solution. Specifically, it includes:

  • The creation of immutable backup copies that are operationally air-gapped in VMware’s Scale-out Cloud File System (SCFS).
  • Access control via authentication and role-based access control (RBAC) and optional multi-factor authentication (MFA).
  • Utilization of policy-based plans protection plans to determine the number, type, and location of copies, as well as the ability to more quickly execute recoveries of complex applications.
  • The ability to create a variety of recovery points that are minutes, months, or even years old – balancing the ability to mitigate data loss with near-term retention, with the ability to address situations where ransomware has been in the environment for a long time as well as forensics situations via deeper retention.
  • The ability to create an isolated recovery environment (IRE) that prevents reinfection from potentially-compromised systems during the validation process.
  • From a complementary perspective to the IRE, a wizard-driven recovery workflow that helps to rapidly validate multiple virtual machines (VMs), by first choosing recovery points, and powering on those VMs into the IRE to enable live behavioral analysis with validation scanning from VMware Carbon Black. This process enables security and IT teams to evaluate each VM independently prior to moving a known good copy back into production.
  • The ability to granularly recover specific files or folders, allowing for the recovery of more recent recovery points without risking re-infection by bringing the entire associated VM into a production inventory.

To the service, VMware has added the ability to protect Google Cloud VMware Engine workloads, as well as support for concurrent multi-VM recovery operations to further expedite recovery operations and reduce downtime. Additionally, slated for availability in Q3FY24 is the ability for customers to run production workloads in the cloud until forensics are completed. Also previewed at the event was what VMware is describing as a new “cybersecure storage;” specifically, customers will be able to integrate the Ransomware Recovery workflows with native vSAN snapshots. Not only does this stand to help optimize data transfer operations, it also can help customers to reduce the amount of data loss resulting from an attack.

In an additional response to customers’ evolving cyber-resiliency requirements, at VMware Explore 2023, VMware announced NSX+, previously called Project NorthStar, in order to enable consistent operations for networking and security across multi-cloud VMware Cloud environments. This includes centralized policy creation, deployment, and enforcement for security, comprehensive visibility across the network, and network detection and response (NDR) – all delivered as a cloud-hosted managed service. It also has launched NSX+ virtual private clouds (VPCs), which allows for network isolation on multi-tenant VMware cloud infrastructure via the centralized NSX interface. This enables organizations to set up dedicated, self-service environments for specific development or application teams, while still allowing IT operations teams to set operational guardrails for isolation.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

VMware Doubles Down on Cross-Cloud Services

Breaking Down the Myths on Broadcom-VMware

Broadcom-VMWare Deal Approved by EU

Author Information

Krista Case

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

SHARE:

Latest Insights:

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance
Brad Shimmin
Brad Shimmin

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance

Brad Shimmin, VP and Practice Lead at The Futurum Group, examines why investors behind NVIDIA and Meta are backing Hammerspace to remove AI data bottlenecks and improve performance at scale.
Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise
Brad Shimmin
Brad Shimmin & Keith Kirkpatrick

Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise?

Looking Beyond the Dashboard: Tableau Bets Big on AI Grounded in Semantic Data to Define Its Next Chapter
Futurum analysts Brad Shimmin and Keith Kirkpatrick cover the latest developments from Tableau Conference, focused on the new AI and data-management enhancements to the visualization platform.
Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road
Tiffani Bova
Tiffani Bova

Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road

Colleen Kapase, VP at Google Cloud, joins Tiffani Bova to share insights on enhancing partner opportunities and harnessing AI for growth.
Ericsson Goes Wireless-First for AI Enterprises
Ron Westfall

Ericsson Goes Wireless-First for AI Enterprises

Ericsson Introduces Wireless-First Branch Architecture for Agile, Secure Connectivity to Support AI-Driven Enterprise Innovation
The Futurum Group’s Ron Westfall shares his insights on why Ericsson’s new wireless-first architecture and the E400 fulfill key emerging enterprise trends, such as 5G Advanced, IoT proliferation, and increased reliance on wireless-first implementations.
Become a Client

The Futurum Group

(833) 722-5337

501 West Ave., Suite 2102
Austin TX 78701

Linkedin Youtube Facebook

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence
Login to Futurum Labs Research Library

Book a Demo

Thank you, we received your request, a member of our team will be in contact with you.