Project Goldilocks, VMware’s New Plan for Firewalls

Sep 23, 2016 | blog

Almost every day, the virtualization industry takes a giant leap forward. Although this industry has been reserved for only the most technologically advanced of businesses over the years, it’s spreading like wildfire with advances in cloud computing. As engineers create virtual versions of hardware, storage, and even networks, digital architects are coming up with entirely new ways to design your IT framework. Today’s development comes in endpoint security, and we’ve got everything you need to know right here.

A virtual network is a way to connect two or more devices that aren’t physically linked by wires or cables. From the perspective of machines on a virtual network, they’re essentially sitting in the same room — even if they’re on opposite sides of the globe. The advantages of this setup range from ease of management to reduced hardware costs. AT&T and Verizon have begun offering these services, and small- and medium-sized businesses have slowly begun to adopt them.

Meanwhile, another sector of the IT world has been making its own advances. Cutting-edge hardware firewalls are beginning to offer internal segmentation as a method of separating pieces of your internal network to keep them safe from threats that spread internally. The more segments you have, the safer your network is from poorly protected neighbors. But there are limits to how much capacity one of these hardware firewalls has for segmentation.

Virtualization giant VMware has taken notice and developed a prototype to combine these two services. In the hopes of unleashing ‘microsegmentation’ from the limits of physical hardware, Project Goldilocks will essentially create a virtual firewall for every virtualized application. When one of these applications is created or installed, it will come with a ‘birth certificate’ outlining every acceptable function it can perform. When the application makes a request to the operating system, network, or hardware it is installed on, Goldilocks will cross-reference the request with the birth certificate and deny anything that hasn’t been given permission.

Segmenting virtual networks and applying them to individual applications rather than entire networks or operating systems could revolutionize the market for endpoint security. Not only would it be easier to block malware infections, but those that made it through could be quarantined and terminated immediately because of the virtual nature of their location.
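The default-deny check and quarantine described above can be sketched as follows. This is an added example, not VMware's code or manifest format: the `MANIFEST` fields, the request dictionaries, and the `is_allowed` and `enforce` functions are all hypothetical names chosen for illustration.

```python
import ipaddress
import posixpath

# Constructed "birth certificate" for a hypothetical app; field names are
# assumptions for this example, not VMware's format.
MANIFEST = {
    "network": [  # allowed outbound flows: (CIDR, protocol, low port, high port)
        ("10.20.0.0/24", "tcp", 5432, 5432),
        ("10.30.5.10/32", "tcp", 443, 443),
    ],
    "files": {"read": ["/opt/billing/", "/etc/billing/"], "write": ["/var/log/billing/"]},
    "exec": ["/opt/billing/bin/worker"],  # exact binaries the app may launch
}

def _under(path, prefix):
    # Normalise first so "/opt/billing/../../etc/shadow" cannot pass a prefix test.
    clean = posixpath.normpath(path)
    root = prefix.rstrip("/")
    return clean == root or clean.startswith(root + "/")

def is_allowed(manifest, request):
    """Return True only if the request matches an entry in the manifest."""
    kind = request.get("kind")
    if kind == "network":
        try:
            dst = ipaddress.ip_address(request["dst"])
        except (KeyError, ValueError):
            return False  # malformed or missing destination is denied
        port = request.get("port")
        return isinstance(port, int) and any(
            dst in ipaddress.ip_network(cidr)
            and request.get("proto") == proto
            and lo <= port <= hi
            for cidr, proto, lo, hi in manifest["network"]
        )
    if kind == "file":
        prefixes = manifest["files"].get(request.get("mode"), [])
        return any(_under(str(request.get("path", "")), p) for p in prefixes)
    if kind == "exec":
        return posixpath.normpath(str(request.get("path", ""))) in manifest["exec"]
    return False  # unknown request kinds fall through to deny

def enforce(manifest, requests):
    """Evaluate requests in order; flag the app for quarantine on any denial."""
    decisions = [(r, is_allowed(manifest, r)) for r in requests]
    return decisions, any(not ok for _, ok in decisions)
```

Anything not listed is refused, including request kinds the manifest never mentions, so a new capability has to be added to the manifest before the application can use it.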

While virtualization may be a complicated state-of-the-art technology, all it really takes is a helping hand. With our full team of specialists, we’re ready to pull you into the next stage of your virtualized infrastructure. All you need to do is reach out to us — why not do it today?
