In trying to combat the increasing complexity of networks and the sprawl of different applications for managing security, VMware is looking at virtualisation as a way of simplifying the application of encryption to the network through their new Distributed Network Encryption, or DNE, platform.
Here’s the problem VMware is trying to address with DNE.
On one side of the equation, you have your key infrastructure such as databases, servers and the network. On the other are all the different security tools you have. Each tool looks after a specific point or limited number of points of your infrastructure.
The challenge is making sure it all stays in sync and that every portion of the network is appositely protected — something that can become very challenging when things change constantly and you have to integrate external service providers.
VMware, not surprisingly, sees virtualisation as an answer to this. DNE is a virtualisation layer that connects your infrastructure and security tools so you can use a simple drag and drip interface to apply encryption to a specific network segment. That segment covers the network connection, databases and cloud services. So, it’s not limited to just on-premises systems.
In a completely staged and scripted demonstration at RSA Conference 2016, I saw VMware CEO Pat Gelsinger and some his team demonstrate DNE. The demonstration went off perfectly with a before and after view of a database being hacked. Naturally, the database was totally owned before DNE and then completely secured once a network tech simply dragged and dropped encryption onto the vulnerable network segment.
What the demonstration showed was how easy it was to secure a previously vulnerable system. However, there was no indication of the complexity configuring such a tool required or what other tools were needed behind the layer of abstraction provided by the virtualised interface.
Anthony Caruana attended the RSA Conference in San Francisco as a guest of RSA.