VMware AppDefense (discontinued)

Score4 out of 10

16 Reviews and Ratings

Community insights

TrustRadius Insights for VMware AppDefense (discontinued) are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Pros

Clever Approach: Users have appreciated the cleverness of AppDefense's approach, with some mentioning that it sets the product apart from others in the market. They find the concept of having a baseline of normal behavior to monitor to be unique and valuable.

Performance-friendly: Many users have praised AppDefense for not overloading their systems with performance-draining agents. This aspect of the product is seen as beneficial since it does not negatively impact system performance.

Integration with VMWare products: Several users mention that the integration with VMWare products is a positive aspect of AppDefense. They find it convenient and important to seamlessly integrate AppDefense with their existing VMWare infrastructure because they already use or plan to purchase VMWare products.

Reviews

7 Reviews

VMware AppDefense makes sense and is easy to deploy

Rating: 10 out of 10

Incentivized

October 12, 2019

Use Cases and Deployment Scope

It is being used to add another layer of security in our data center. AppDefense so far has given IT the visibility inside the managed Virtual Machines and what processes are running. It gives us the ability to be alerted if new or rogue processes are running and if those processes are communicating to public IP and which port.

Pros

Configuration and deployment were simple.
Consuming the data from the OS and presenting it to the user with simplicity.
AppDefense Manager has built in Online Chat Support, so it is easy to reach a representative for assistance.

Cons

PowerShell functionality.
Sorting results in some areas are not applicable.
Email alerting through AppDefense Manager does not exist, but support has said it is a feature to come.

Likelihood to Recommend

We have a small IT team, so the added visibility of seeing processing inside the virtual machine is an added benefit. To be able to lock down more infrastructure for secure proposes is an added benefit.

Verified User

Administrator in Information Technology (51-200 employees)

Vetted Review

1 year of experience

Recently Implemented AppDefense

Rating: 9 out of 10

Incentivized

July 30, 2019

Use Cases and Deployment Scope

It is presently being used at our corporate site to provide an additional layer of security.

Pros

Ease of installation
Integration with carbon black

Cons

Alerting
Deleting the groups wasn't obvious

Likelihood to Recommend

I believe it's well suited for SMB's that have a larger number of VM's/hosts as well as an antivirus vendor that hooks into AppDefense.

Verified User

Manager in Information Technology (501-1000 employees)

Vetted Review

First year on AppDefense

Rating: 7 out of 10

Incentivized

July 29, 2019

Use Cases and Deployment Scope

Our current organization goals revolve around improving security and easing the manageability of our systems, two things that often don't correlate with each other. Some items of that process include building a more robust RBAC model, micro-segmenting our network and gaining 24/7 visibility of what's happening on our VMs. To accomplish those goals, we landed on using the combination of AppDefense, NSX and Carbon Black. NSX with its Active Directory integration greatly limited the East/West exposure to each of our VMs. Once we ironed out the connections needed for each VM we monitored a 30, 60, and 90 day baseline with AppDefense and Carbon Black. It was noisy in the beginning but once established we have better visibility to our VMs when something out of the ordinary is happening.

Pros

Understanding normalized operations and resource usage of VMs at the guest level
Fine grain control of of guest level operations

Cons

Steep learning and a lot of moving pieces
Very new product and Carbon Black is the only 3rd party vendor that can integrate
Limited information and training. We've never been to VMworld but it was barely mentioned at the VMUG UserCons we've attended

Likelihood to Recommend

Being a VMware product, AppDefense has the advantage of compatibility with all of the VMware product feature updates and patches ( ESXi, NSX, vCenter, etc.). Paired with Carbon Black, it's resource overhead is well-tuned compared to traditional antivirus products.

Verified User

Administrator in Information Technology (201-500 employees)

Vetted Review

1 year of experience

Still a young product with big potential. This is the future of security.

Rating: 7 out of 10

Incentivized

July 29, 2019

Use Cases and Deployment Scope

VMware AppDefense is being used across the organization to protect internal assets from lateral movement in case of a breach. We have a mixed environment of virtual machines. We have virtual machines dedicated to our clients, in addition to server virtual machines that provide services to all of our employees and clients.

Pros

Provides detailed process and command-line information.
Provides visibility into what connections are being made to/from a specific server/service.
Ability to group multiple VMs into service groups for proper correlation.

Cons

No ability to display network owner information in alerts (i.e. AS number/Network owner name of a public IP).
No ability to resolve IP addresses for display in alerts.
Setup, classifying, and configuring all of the requisite process rules is tedious.

Likelihood to Recommend

VMware AppDefense appears to be well suited for environments where the number of expected applications in use and network connections remains fairly static (i.e. highly secured environments). Even in our case, our processes are mostly static but still required a lot of initial input to get rules set up correctly.

VMware AppDefense does not currently seem well suited for environments that have a lot of dynamic processes and network connections.

Verified User

Team Lead in Information Technology (51-200 employees)

Vetted Review

Innovative Approach to Application Behavior Monitoring

Rating: 10 out of 10

Incentivized

July 26, 2019

Use Cases and Deployment Scope

Currently NAES has been deployed at the corporate headquarters with plans to roll out to remote offices and subsidiaries. Our initial use is to gain visibility into our east-west traffic in preparation for implementing NSX. We also use it to alert us to anomalous behaviors.

Pros

I think that the AppDefense approach is clever and sets it apart from other products. Having a baseline of normal behavior that I can see is something I haven't seen in another product before.
AppDefense doesn't overload my systems with performance draining agents.
AppDefense integrates with VMWare products I have or plan to purchase.
Access to AppDefense support has been better than any other VMWare products.

Cons

The installation and update process is time consuming and requires too many reboots.
Bare metal support is very badly needed.
Reporting is weak. I need to pull information out that shows regulatory compliance requirements are being satisfied.
When I whitelist or blacklist a process there are no fields to track why that decision was made.
Blacklisting doesn't do what I thought it was doing.
Some basic AV should be included to satisfy regulatory requirements.

Likelihood to Recommend

I believe that the product is priced well enough that a small business that is concerned with data center security can justify using the product. My environment hasn't scaled up very far yet, but I am a little concerned that when we get to a certain point, the management console will get full and be more difficult to track. An enterprise customer might see that as a problem.

Troy Mayes

Systems Engineer in Information Technology at NAES Corp (5001-10,000 employees)

Vetted Review

knowledge is power

Rating: 8 out of 10

Incentivized

July 24, 2019

Use Cases and Deployment Scope

AppDefense is used across the organization. It monitors "normal" application activity in the city and notifies if there is any abnormal activity detected. It gives us further view into the connections to an application or system and the ports that are used.

Pros

More visibility into my VM environment

Cons

Notification: send an email or a text for any alerts

Likelihood to Recommend

Critical applications.
Monitors internal application function. provides granular information on connectivity.

David McDonald

Systems Administrator in Information Technology at City of Birmingham (1001-5000 employees)

Vetted Review

1 year of experience

Thoughts and Insights about VMware AppDefense

Rating: 9 out of 10

Incentivized

July 10, 2019

Use Cases and Deployment Scope

VMware AppDefense is installed in our virtual environment on all of our Windows VMs. It protects servers across multiple departments in the whole organization. It provides a layer of protection and visibility against bad server processes.

Pros

Easy to install and maintain.
Easy to interpret GUI to access status.
Very good support.

Cons

New product had some growing pains.
Email notifications need to be added.
Upgrade process needs to be more automatic.

Likelihood to Recommend

If you have a virtual environment, then VMware AppDefense is a cost-effective additional layer of security that can easily be added to that environment. It provides valuable visibility and protection into the processed running on your VMs. It is sold per socket, so if you don't have many VMs on your host it wouldn't be as cost effective.

Verified User

Director in Information Technology (501-1000 employees)

Vetted Review

1 year of experience

Loading Reviews List....