https://media.trustradius.com/product-logos/Hi/RB/0M9RHRJIK3G2.JPEGVMwareInnovative Approach to Application Behavior Monitoring2019-07-26T16:28:34.490ZCurrently NAES has been deployed at the corporate headquarters with plans to roll out to remote offices and subsidiaries. Our initial use is to gain visibility into our east-west traffic in preparation for implementing NSX. We also use it to alert us to anomalous behaviors.,I think that the AppDefense approach is clever and sets it apart from other products. Having a baseline of normal behavior that I can see is something I haven't seen in another product before. AppDefense doesn't overload my systems with performance draining agents. AppDefense integrates with VMWare products I have or plan to purchase. Access to AppDefense support has been better than any other VMWare products.,The installation and update process is time consuming and requires too many reboots. Bare metal support is very badly needed. Reporting is weak. I need to pull information out that shows regulatory compliance requirements are being satisfied. When I whitelist or blacklist a process there are no fields to track why that decision was made. Blacklisting doesn't do what I thought it was doing. Some basic AV should be included to satisfy regulatory requirements.,10,Going from no visibility into this area, we have mostly gained positive impacts. So far the only security issues we have seen were on one of the few bare metal systems that we have.,There has been a real push from management to put traditional AV on my servers. What they were proposing would be a major drain on performance and a nightmare to manage. I, so far, have been able to fight that off by explaining what this product does. At the moment we have not had any anomalous activity inside the VMWare environment.,Visibility gives you a few benefits. First, you can see what established behavior looks like. You are able to see exactly what your applications are doing and gain possible insight into performance issues. Second, if another admin makes changes or adds software, you will be aware of it right away. You also gain insight to what patches and upgrades actually do and the documentation may not reveal. We also expect that when problems occur with applications, this will be a potential troubleshooting tool.,We have had no incidents, but I have worked with support on some minor issues. They are easily accessed and they stay on the issue until it is fully resolved.,10,,vCenter Site Recovery ManagerTroy Mayesknowledge is power2019-07-24T18:03:57.371ZAppDefense is used across the organization. It monitors "normal" application activity in the city and notifies if there is any abnormal activity detected. It gives us further view into the connections to an application or system and the ports that are used.,More visibility into my VM environment,Notification: send an email or a text for any alerts,8,Positive: more information. Another tool to help manage - monitor the environment,It has decreased our insurance cost.,It provides a baseline of normal activityHelps to define "normal",It has not detected a threat in our environment. I hope it never does.,8,vRealize Suite, Veeam Availability Suite, Veeam Backup & ReplicationDavid McDonaldFirst year on AppDefense2019-07-29T20:14:48.154ZOur current organization goals revolve around improving security and easing the manageability of our systems, two things that often don't correlate with each other. Some items of that process include building a more robust RBAC model, micro-segmenting our network and gaining 24/7 visibility of what's happening on our VMs. To accomplish those goals, we landed on using the combination of AppDefense, NSX and Carbon Black. NSX with its Active Directory integration greatly limited the East/West exposure to each of our VMs. Once we ironed out the connections needed for each VM we monitored a 30, 60, and 90 day baseline with AppDefense and Carbon Black. It was noisy in the beginning but once established we have better visibility to our VMs when something out of the ordinary is happening.,Understanding normalized operations and resource usage of VMs at the guest level Fine grain control of of guest level operations,Steep learning and a lot of moving pieces Very new product and Carbon Black is the only 3rd party vendor that can integrate Limited information and training. We've never been to VMworld but it was barely mentioned at the VMUG UserCons we've attended,7,As with everything now, automation is key. AppDefense effectively monitors the activity on all our VMs, freeing administrators to work on more projects Makes it much easier to diagnose issues when system are not running as intended,We agree that this one of the primary features of this product but don't have a large instance to share. It has caught many minor items which proves it is working.,Yes, we have seen this functionality in action and it has freed up our administrators to work on other projects know that there is always robust monitoring happening on a system that we can refer to at any time.,We've found many minor items but it has not revealed any major configuration issues or threats yet, which is of course is good.,,Sophos Intercept X and Trend Micro Deep Discovery Analyzer,VMware NSX, Lansweeper, Veeam Availability SuiteVerified UserVMware AppDefense makes sense and is easy to deploy2019-10-12T18:38:51.422ZIt is being used to add another layer of security in our data center. AppDefense so far has given IT the visibility inside the managed Virtual Machines and what processes are running. It gives us the ability to be alerted if new or rogue processes are running and if those processes are communicating to public IP and which port.,Configuration and deployment were simple. Consuming the data from the OS and presenting it to the user with simplicity. AppDefense Manager has built in Online Chat Support, so it is easy to reach a representative for assistance.,PowerShell functionality. Sorting results in some areas are not applicable. Email alerting through AppDefense Manager does not exist, but support has said it is a feature to come.,10,For the cost of the upgrade to vSphere Platinum compared to the costs we were already paying for vSphere Enterprise Plus with Operations Management was comparable. It made sense to upgrade and with that, we received the added features of AppDefense.,It is still early in the game to see any added benefit.,It is cool to see how much chatter a VM actually has. Not only can we see the public and private IP's that a VM is communicating with, but we can also see the port they are communicating over. We haven't found anything suspicious up to this point. but it at least gives us the tools to see a whole new spectrum.,We have not identified any threats at this time, but we are still in the early stages.,10,Verified UserThoughts and Insights about VMware AppDefense2019-07-10T22:47:13.754ZVMware AppDefense is installed in our virtual environment on all of our Windows VMs. It protects servers across multiple departments in the whole organization. It provides a layer of protection and visibility against bad server processes.,Easy to install and maintain. Easy to interpret GUI to access status. Very good support.,New product had some growing pains. Email notifications need to be added. Upgrade process needs to be more automatic.,9,It's had a positive impact of an added layer in our multi layer approach to security. Positive in its visibility that it creates into running server processes. No negative impacts that I've seen.,We have not directly benefited yet as there hasn't been a credible attack against these servers (that we are aware of anyways) so the application is mostly just idling along and acts as another level of insurance at this point.,The benefit we have received has been purely educational. In the event of an attack, it should be obvious from the visibility VMware AppDefense provides where the attack is coming from or headed to.,The alerts we have seen have predominantly been of an informational nature. We haven't seen alerts of a serious nature as of yet.,9,,Fortinet FortiGateVerified UserStill a young product with big potential. This is the future of security.2019-07-29T17:10:08.817ZVMware AppDefense is being used across the organization to protect internal assets from lateral movement in case of a breach. We have a mixed environment of virtual machines. We have virtual machines dedicated to our clients, in addition to server virtual machines that provide services to all of our employees and clients.,Provides detailed process and command-line information. Provides visibility into what connections are being made to/from a specific server/service. Ability to group multiple VMs into service groups for proper correlation.,No ability to display network owner information in alerts (i.e. AS number/Network owner name of a public IP). No ability to resolve IP addresses for display in alerts. Setup, classifying, and configuring all of the requisite process rules is tedious.,7,Due to the amount of time VMware AppDefense has been in use at my company, this cannot yet be quantified.,This is a huge benefit to our organization as we have always been of the opinion that constantly scanning for threats that you may not even be aware of was a futile way of protecting assets. As with the current model, a threat can only be recognized if its signature was added to the respective scanner's database. Whitelisting processes has always been the preferred methodology, as we already mostly know what to expect for incoming and outgoing connections, which is where VMware AppDefense really comes into play,We have benefited greatly by having complete visibility into the running processes and the connections they are making. This has allowed us to address holes in our security posture and make necessary adjustments to ACLs.,I see it as a positive that thus far, we have not identified any threats with VMware AppDefense. We have, however, been able to confirm our expectations of what various server processes are doing and the resources they are connecting to. We are still tweaking and tuning the automatic remediation and rules, so this portion of the VMware AppDefense service is still ramping up in our organization.,9,VMware vCenter Server, HPE Nimble Storage, Windows Server, Fortinet FortiGate, FortiClientVerified UserRecently Implemented AppDefense2019-07-30T17:59:26.812ZIt is presently being used at our corporate site to provide an additional layer of security.,Ease of installation Integration with carbon black,Alerting Deleting the groups wasn't obvious,9,We have just turned it up so we don't have enough data yet,We have a mixture of VM's in learning mode and those in protect mode. We have not had any issues thus far.,We have recently implemented the solution and will have a better answer in the future.,We have had no threats thus far,10,,vSphere with Operations Management (VSOM), vRealize Suite, Windows ServerVerified UserWindows, Linux
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Reviews (1-7 of 7)
July 24, 2019
July 29, 2019
October 12, 2019
Score 10 out of 10
Read this authenticated review
Simple. I have used the Online Chat Support that is on the side screen of the AppDefense Manager page. The couple times I've used the support, the support representative has always responded and answered in questions in a timely manner.
August 13, 2019
Score 7 out of 10
Read this authenticated review
The product is still quite new, and there seems to be a lack of technical information available for both the E.U. and support staff. That being said, the support staff that I have worked with have always been very knowledgeable and ensure that they see a ticket through to completion.
VMware AppDefense Scorecard Summary
About VMware AppDefense
VMware AppDefense is the only hypervisor-native workload protection platform for enterprise virtualization and security teams that delivers the most secure virtual infrastructure and simplifies micro-segmentation planning by providing deep application visibility, reputation scoring, and security.
Rather than chase the infinite threat landscape, AppDefense reduces the attack surface and implements a least privilege operating model by understanding intended application behavior and monitoring for anomalous behavior. The Application Verification Cloud component combines multiple reputation and threat feeds with machine learning models to enable application control, continuous vulnerability analysis of workloads, and high-fidelity alerts to respond to security incidents more quickly and effectively.
VMware AppDefense Downloadables
VMware AppDefense Integrations
Has featureFree Trial Available?Yes
Does not have featureFree or Freemium Version Available?No
Has featurePremium Consulting/Integration Services Available?Yes
Entry-level set up fee?Optional
VMware AppDefense Support Options
|Free Version||Paid Version|
|Video Tutorials / Webinar|
VMware AppDefense Technical Details
|Deployment Types:||On-premise, SaaS|
|Operating Systems:||Windows, Linux|