One of the exciting announcements from VMworld for me was the release of AppDefense. This is VMware’s new security product within the SDDC area.
Conceptually, the idea is to create a protected or “Goldilocks zone” for security products to scan both infrastructure, network and application based information to understand expected behaviour within the DC.
Once expected is understood, automation can be used to flag high risk or ultimately provide orchestrated remediation.
Utilising the position of the ESXi hypervisor in the datacenter is a interesting approach from a technical perspective. It has been successfully done within the storage and network space recently with vSAN and NSX. This product looks equally compelling.
With its SaaS based approach, and links into 3rd party products it has some very useful use cases.
From a technical perspective there is a lot going on within the simple looking architecture.
Created at day 1 with support for windows 2012 / 16 guests, it shows great promise with planned Linux support in the coming months.
I created a mind map to help me summarise the key business and technical points into a one pager.
Hopefully, this is useful to others
The resources I used to get some understanding of the product are shown below;