First year on AppDefense
July 29, 2019
First year on AppDefense
Score 7 out of 10
Vetted Review
Verified User
Overall Satisfaction with VMware AppDefense
Our current organization goals revolve around improving security and easing the manageability of our systems, two things that often don't correlate with each other. Some items of that process include building a more robust RBAC model, micro-segmenting our network and gaining 24/7 visibility of what's happening on our VMs. To accomplish those goals, we landed on using the combination of AppDefense, NSX and Carbon Black. NSX with its Active Directory integration greatly limited the East/West exposure to each of our VMs. Once we ironed out the connections needed for each VM we monitored a 30, 60, and 90 day baseline with AppDefense and Carbon Black. It was noisy in the beginning but once established we have better visibility to our VMs when something out of the ordinary is happening.
- Understanding normalized operations and resource usage of VMs at the guest level
- Fine grain control of of guest level operations
- Steep learning and a lot of moving pieces
- Very new product and Carbon Black is the only 3rd party vendor that can integrate
- Limited information and training. We've never been to VMworld but it was barely mentioned at the VMUG UserCons we've attended
- As with everything now, automation is key. AppDefense effectively monitors the activity on all our VMs, freeing administrators to work on more projects
- Makes it much easier to diagnose issues when system are not running as intended
We were advised that vShield will be retired and its functionality was being integrated with App Defense. Carbon Black is or was the only AV vendor that integrated with it. A priority for us was to use a VMware supported solution. Sophos Intercept X was creating their own module. Trend Micro Deep Security didn't have any plans in place to move from vShield.