Professional Documents
Culture Documents
SECURING MULTI-CLOUD -
SOLUTION GUIDE
VMwareSecuring Multi-Cloud
SECURING MULTI-CLOUD - SOLUTION GUIDE
Table of Contents
– Product Overview
– NSX Architecture
– NSX Intelligence
DOCUMENT | 2
SECURING MULTI-CLOUD - SOLUTION GUIDE
– Workloads
– Additional Resources
– Product Overview
– Improve Visibility
– Remediate Violations
– Increase Collaboration
– Additional Resources
– Summary
– Additional Resources
– Changelog
– Feedback
DOCUMENT | 3
SECURING MULTI-CLOUD - SOLUTION GUIDE
Cloud environments are increasingly interconnected, making it difficult to maintain a secure perimeter. While this less walled-off
approach has many advantages, it can also lead to security risks by increasing the potential attack surface. Ideal cloud security
plans enable companies to take advantage of cloud computing benefits while also minimizing the risks.
Cloud computing creates a number of other unique security issues and challenges. For example, it is difficult to identify users
when addresses and ports are assigned dynamically, and virtual machines are constantly being spun up. In addition, multitenant
environments in public cloud environments mean that an organization’s data shares space with the data of other organizations.
Thus, it is important for public cloud providers to keep tenants isolated.
1. Know who is responsible for each aspect of cloud security, rather than assuming that the cloud provider will
handle everything.
2. Understand how cloud architecture works to help avoid security holes due to misconfiguration.
3. Implement the principle of least privilege. Assign appropriate permissions, disable unused ports, and remove
unnecessary services, processes, and instances. All of these can contribute to the attack surface and vulnerabilities.
Responsibility for cloud security is shared between cloud providers (which offer several security tools and services to customers)
and the enterprise to which the data belongs. The security obstacles in a Multi-Cloud environment are many and varied. This
solution guide will focus on four key areas in depth, endpoint security, workload security, network security, and cloud security
posture. The solutions discussed here and provided by VMware, provide a strong and secure foundation for modern Multi-Cloud
environments.
DOCUMENT | 4
SECURING MULTI-CLOUD - SOLUTION GUIDE
At an architectural level, utilizing VMware Carbon Black, NSX, and Cloud Health Secure State, VMware can provide the following
security capabilities across a Multi-Cloud environment.
DOCUMENT | 5
SECURING MULTI-CLOUD - SOLUTION GUIDE
VMware Carbon Black Cloud™ is a cloud-native endpoint protection platform (EPP) that combines the intelligent system hardening
and behavioral prevention needed to keep emerging threats at bay, using a single lightweight sensor and an easy-to-use console.
Instead of needing to deploy a variety of products each with its own setups, configurations, and policies, this solution delivers
multiple security capabilities through a common cloud-delivered platform that shares one sensor, one cloud console, and one
dataset. As requirements change, adding new services is fast and easy, eliminating the need for additional Capex investment or
the need to deploy new agents.
The platform is built on a comprehensive endpoint dataset that can be used and shared across tools and services—whether
provided by VMware or other vendors. This creates a single source of truth and adds context to security across the board. This
platform was constructed with the understanding that security needs grow and change as the threat landscape evolves.
We achieve this by applying machine learning and behavioral models to analyze endpoint data and uncover malicious activity to
stop all types of attacks before they reach critical systems. Streaming analytics is derived from event stream processing, a
technique that has been implemented for years across multiple industries—from credit card fraud detection to high-frequency
trading. By focusing on ongoing behavioral analysis as opposed to point-in-time detections, the platform can recognize when a
series of actions that have taken place over time is suspicious. The platform stops both malware and non-malware attacks,
including attacks that leverage known-good software to do malicious things. For example, an attack leveraging a command
interpreter such as PowerShell to find and encrypt all files on the disk could be run entirely remotely without a file bypassing any
form of signature-based prevention. However, the process running the commands would still exhibit behavioral patterns similar to
ransomware, which would be detected and stopped. The platform threats, threats patterns, and indicators are invisible to
traditional and machine learning antivirus by looking upstream to the root cause of attacks and then applying this knowledge to
DOCUMENT | 6
SECURING MULTI-CLOUD - SOLUTION GUIDE
VMware Carbon Black Cloud offers out-of-the-box protection (for those who want to set it and forget it) and the option for highly
customizable policies. This lets organizations disrupt future attacks by specifically addressing gaps or blind spots. IT and security
professionals can create custom control policies for individual work groups in their environment, control update frequency, and
define exactly what types of processes are or are not allowed to run, and how untrusted execution is handled. For example,
unknown applications could be denied operation entirely or could be allowed to run but not allowed to make any network
connections or invoke-command interpreters. This level of granular control ensures that professionals who need specific control of
their machines can have it, while still stopping advanced attacks. When protecting endpoints, it is important to acknowledge that
there are many ways to gather threat intelligence and utilize all available sources. More than 75 of the world’s leading incident
response vendors use VMware Carbon Black to investigate breaches daily, providing insights into the most recent attacks. The
dedicated VMware Carbon Black Threat Analysis Unit leverages these insights and further investigates current attack trends,
ensuring our analytics are always up to date and evolving to protect against emerging attacks. On top of this, our customers have
access to a user community of more than 30,000 security experts, allowing members to interact with one another and learn about
the latest insights and intelligence.
While siloed tool sets can make it difficult to fully understand what is happening on endpoints—forcing professionals to piece
together the necessary information from multiple places—our platform gives a comprehensive picture of what occurred in the past
and what is happening now. With the power of comprehensive IT, security professionals have deep visibility into the state of their
endpoints—eliminating gaps and blind spots, accelerating investigations and remediation, and leading to a significant reduction in
dwell time.
This visibility is beneficial to all security professionals and offers specific value to threat hunters and incident responders who need
quick and clear access to data to investigate, proactively hunt for, and remediate threats. Our approach allows investigations that
often take days or weeks to be completed in just minutes. The sophisticated detection capabilities combine custom and cloud-
delivered threat intel, automated watchlist, and integration with the rest of the security stack to efficiently scale hunting across the
enterprise.
The platform’s quick and agile search/zoom process, with trees and timelines, gives a comprehensive understanding of how an
attack was executed. It is easy to uncover exactly where an attacker went and what they did, as well as the root cause, in minutes
to quickly address gaps in defenses. With remote investigation and remediation of any endpoint from anywhere, security
professionals can reduce IT involvement, eliminating unnecessary reimaging and support tickets.
To augment and supplement the operating system event data that it is continuously collecting, the platform offers tools to gather
additional information that cannot and should not be collected on a continuous basis. Real-time audit and remediation capabilities
make it faster and easier for security and IT teams to assess and change system states to harden their environment against the
most relevant threats. This power to create custom queries provides visibility into precise details about the current state of all
devices and workloads—on and off the network. Professionals can then respond to this information by isolating infected systems to
prevent lateral movement, creating a remote secure shell to any endpoint, collecting, and storing additional forensics data for
post-incident investigation, or running scripts for full remediation.
Administrators also have the option to run queries against specific groups of devices and even individual devices. This enables the
user to start broadly and then get more granular by targeting only those machines important to that specific investigation or audit.
Having the tools to quickly gather all the information needed to fully understand an attack and being able to take immediate
action remotely helps professionals reduce dwell time and minimize risk in their environment.
DOCUMENT | 7
SECURING MULTI-CLOUD - SOLUTION GUIDE
While most endpoint security programs require multiple siloed systems that burden end users and complicate management,
VMware Carbon Black Cloud provides a single consolidated platform, supporting multiple endpoint security needs. Although some
AV (Anti Virus) vendors have begun to use cloud-based consoles, they aren’t taking full advantage of the cloud for security
analysis and operations. Additionally, other vendors call themselves a “platform” but actually operate as a suite of separate
products. Unlike these solutions, our cloud native platform delivers multiple services using a single lightweight sensor, enabling
organizations to consolidate security products. A centralized, unified console provides professionals access to numerous
capabilities and the complete dataset.
This platform makes it easy to deploy multiple security services without compromising endpoint performance. There is no need to
purchase or stand-up onsite infrastructure, and our out-of-the-box policies are easily customized to fit any environment.
Additionally, when an organization decides that it is time to expand their security capabilities, they can seamlessly add new
features without new infrastructure sensors or deployment costs.
VMware Carbon Black Cloud automatically adapts to new attacks, so endpoints remain protected without requiring manual
updates. Gone is the burden of constantly distributing large signature updates. Our automatic protection against the latest, most
advanced threats gives organizations access to new and updated features as soon as they are released.
For example, the tight integration with IBM QRadar allows administrators to leverage industry-leading next-generation antivirus
(NGAV) and endpoint detection and response (EDR) solutions to see, detect and act on endpoint activity from directly within the
QRadar console. When necessary, security analysts are able to immediately remediate at the point of compromise from the
QRadar console, streamlining workflows and speeding response.
Beyond integrations, data collected from the endpoint can be exported quickly out of the platform’s data pipeline for use with
customer-specific integrations and custom processing. Open APIs further allow organizations to build custom dashboards for
DOCUMENT | 8
SECURING MULTI-CLOUD - SOLUTION GUIDE
integrated management and reporting and create new workflows that support and enhance their security programs. When security
tools are operationally unified, an organization’s overall security posture can improve dramatically, reducing dwell time and risk.
VMware offers powerful, flexible prevention that is able to stop malware ransomware and non-malware attacks. It prevents these
attacks automatically, whether the endpoint is online or offline, from anywhere in the world, and is able to keep up with the
always-changing threat landscape to block emerging never-before-seen attacks that other solutions may miss. VMware’s industry-
leading detection and response capabilities reveal threat activity in real-time, so organizations can respond to any type of attack
as soon as it’s identified. The root cause of an attack can be uncovered in minutes through visualizations that show every stage of
the attack with easy-to-follow attack chain details. VMware Carbon Black Cloud Endpoint™ Standard lets administrators
immediately triage alerts by isolating endpoints, deny listing applications, or terminating processes. Professionals can secure shell
into any endpoint on or off the network to perform full investigations and recommendations remotely.
The VMware U.S.-based experts analyze, validate and prioritize alerts from VMware Carbon Black Cloud, helping to ensure that
companies do not miss the threats that matter. The service provides additional, human-generated context to alerts, such as
connecting alerts caused by the same root cause, to help streamline investigations and resolve security issues. VMware threat
experts proactively identify trends by monitoring threat activity across millions of endpoints, providing advice on widespread
attacks and retroactively detecting and confirming emerging threats based on iterative discovery techniques. Monthly reports
summarize alert data, turning a month’s worth of unfiltered data into actionable recommendations that help security professionals
see the bigger picture and continually improve efficacy.
Enterprise EDR
VMware Carbon Black® Cloud Enterprise EDR,™ our threat hunting and incident response (IR) solution, delivers continuous
visibility for top security operations centers and IR professionals.
Investigations that typically take days or weeks can be completed in just minutes. Carbon Black Cloud Enterprise EDR correlates
and visualizes comprehensive information about endpoint events, giving IT and security professionals greater visibility into their
environments. The solution’s sophisticated detection enables indicators of compromise (IoC) monitoring with your choice of threat
intel, including your own custom feeds. This solution extends the automated recognition of tactics, techniques, and procedures
(TTPs) in Carbon Black Cloud Endpoint Standard with deep investigation data and tools to help understand current attacks as well
as longer-term attack patterns. With threat hunting on the VMware Carbon Black Cloud, professionals have the power to respond
and remediate in real-time, stopping active attacks and repairing the damage quickly.
Carbon Black Cloud Audit and Remediation gives administrators visibility into the most precise details about the current state of all
endpoints. It automates operational reporting on patch levels and assesses IT hygiene. When combined with the VMware threat
hunting capabilities, Carbon Black Cloud Audit and Remediation provides an unprecedented level of visibility to speed investigation
and threat hunting.
DOCUMENT | 9
SECURING MULTI-CLOUD - SOLUTION GUIDE
Tightly integrated with VMware vSphere, VMware Carbon Black Workload provides advanced security that alleviates installation
and management overhead and consolidates the collection of telemetry for multiple workload security use cases. This unified
solution enables security and infrastructure teams to automatically secure new and existing workloads at every point in the
security lifecycle while simplifying operations and consolidating the IT and security stack.
vSphere administrators can easily activate workload protection as a feature right from the vSphere Client, with bulk enablement
and lifecycle management for virtual machine inventory. The vSphere dashboard provides visibility into appliance health,
inventory status, and install workflow, and allows the infrastructure team to see a risk-prioritized list of operating system and
application vulnerabilities found across the environment. VMware Carbon Black Cloud Workload enables deeper, unparalleled
visibility into your environment to reduce risk and harden workloads while helping to streamline and operationalize security.
With advanced workload protection from VMware, the security team can analyze attacker behavior patterns over time to detect
and stop never-seen-before attacks, including those manipulating known-good software. If an attacker bypasses perimeter
defenses, VMware Carbon Black empowers security teams to shut down the attack before it escalates to a data breach. By
embedding security into the infrastructure, you can easily audit the current system state to track security posture and harden
workloads, while enabling easier collaboration with vSphere administrators to address known vulnerabilities.
DOCUMENT | 10
SECURING MULTI-CLOUD - SOLUTION GUIDE
Simple Deployment
Setting up VMware Carbon Black Cloud Workload on a vSphere instance can take as little as fifteen minutes. Installing Carbon
Black Workload Appliance in under 15 minutes We leverage the same technology you are used to using for other plugins such as
NSX or vCenter itself. Deploy the Carbon Black Cloud Workload appliance, connect to the Carbon Black Cloud console, enter a few
critical configuration parameters and you are ready to go!
DOCUMENT | 11
SECURING MULTI-CLOUD - SOLUTION GUIDE
vSphere Integration
Carbon Black's sensor launching capability is packaged in VMware Tools 11.2.0 and later versions. This determines the eligibility of
Windows virtual machines for Carbon Black protection and facilitates the sensor delivery with a single-click and no disruption to
any business operations.
vCenter Plugin
Carbon Black plugin can be accessed using the vSphere Client. This provides the capability to the vSphere Admin to enable/disable
Carbon Black on eligible workloads and access protection services such as Inventory, Lifecycle Management, Vulnerability
Assessment.
Inventory
InfoSec admin and vSphere admin can easily view the inventory of the virtual machines using the Carbon Black Console and
vSphere Client. They can easily learn about its protection status and assigned policies. With a single click, they can get access to a
richer data set about virtual machines including their vulnerabilities and trigger various management actions.
Lifecycle Management
InfoSec admin and vSphere admin can easily enable/disable/upgrade Carbon Black sensor on the virtual machines. With a single
click, they can enable/disable/update Carbon Black sensor on one or multiple virtual machines. InfoSec admin can even perform
additional actions such as assigning policy, enable/disable bypass, query assets, etc. on one or multiple virtual machines using the
Carbon Black Cloud console.
Vulnerability Assessment
VMware Carbon Black Cloud Workload provides InfoSec and vSphere admins with a list of OS (Operating System) and Application
vulnerabilities across protected virtual machines. This solution is scan-less and risk-prioritized to reduce operational overhead and
to provide the most critical data to you in an easy-to-consume format. This allows the InfoSec and vSphere admin teams to utilize
a single source of truth for vulnerability assessments.
DOCUMENT | 12
SECURING MULTI-CLOUD - SOLUTION GUIDE
With network virtualization, the functional equivalent of a network hypervisor reproduces the complete set of Layer 2 through
Layer 7 networking services (for example, switching, routing, access control, firewalling, QoS) in software. As a result, these
services can be programmatically assembled in any arbitrary combination to produce unique, isolated virtual networks in a matter
of seconds.
VMware NSX-T builds security into the network virtualization infrastructure. There are many built-in services that are part of NSX-
T that enhance security. Security teams can protect the data center traffic across virtual, physical, containerized, and cloud
workloads. The security capabilities are always present in the infrastructure and are quickly configurable. Further, no one can
tamper with the security controls because they reside in the hypervisor, effectively decoupling the controls from your workloads.
NSX Architecture
DOCUMENT | 13
SECURING MULTI-CLOUD - SOLUTION GUIDE
NSX-T has a distributed architecture. Security enforcement controls are located at the virtual network interface of each workload
and provide a granular mechanism to police traffic flows. There is no centralized appliance that limits security capacity, and you do
not need to artificially hairpin the network traffic to a network security stack. As NSX-T is integrated into the virtualization
infrastructure, it has visibility into all applications and workloads. NSX-T uses this visibility to derive rich application context,
closely track the life cycle of workloads and automate security policy management.
You can use NSX-T Distributed Firewall (DFW) for Macro-Segmentation (Security Zones) and Micro-Segmentation. Distributed
Firewall provides complete L2-L7 East-West visibility and enforcement, with automated policy formulation. It works on both
Physical Servers and VMs on ESXi and Physical Network changes are not required. By using DFW, it is possible to segment in any
matter desired. There are four basic types of segmentation, many of which can coexist – each applied in different sections of the
environment.
Zone Segmentation: Zone Segmentation can be as general as segmenting production from non-production, or it may
be a far more detailed segmentation by business unit, function, or product offering. The point is that each zone is
defined independently of segments, VLANs, data centers, or other constructs. Zones are entirely logical definitions that
can be used to define security policy.
VLAN Segmentation: VLAN segmentation is most used when replacing the legacy firewall infrastructure. In this
model, an IP segment is a defining element for a source or destination of the security policy.
Application Segmentation: Application segmentation is used to define a logical security ring around an application.
Because applications are not frequently understood in detail, it can be convenient to simply define a tag for a given
application and apply this tag to all its components and allow full communication between said elements. This brings
greater security than a large zone definition which can have multiple applications, without requiring detailed
understanding for micro-segmentation.
DOCUMENT | 14
SECURING MULTI-CLOUD - SOLUTION GUIDE
explicitly as possible. At its extreme, micro-segmentation can be the explicit definition of communication between
pairwise elements. Clearly, this is operationally complex, thus NSX offers micro-segmentation based on tags that allow
explicit definition by groups. For example, you can define a rule which allows SSL (Secure Socket Layer) but only TLS
(Transport Layer Security) version 1.3 to the tagged secure web servers. Based on the needs of your organization, you
can segment traffic in each of these different manners.
With NSX-T, all these segmentation approaches are not exclusive but can coexist. You can decide to segment a lab in a zone
model by just setting up a boundary around it and a DMZ environment in a micro-segmentation. You can segment non-production
environments just by applications whereas you can further segment the production applications containing sensitive customer
data using VLAN. The change of one security model to another is accomplished through a simple policy push, without the need to
re-architect any networking infrastructure.
You can use NSX-T Gateway Firewall to provide firewalling for the North-South traffic at the Layer 3 boundary. You can use the
Gateway Firewall as an inter-tenant/zone firewall from the north-south perspective, along with the Distributed Firewall. Gateway
Firewall is supported on both Tier-0 and Tier-1 gateways. Tier-0 supports basic L3/L4 stateful firewall, whereas Tier-1 supports
basic L3/L4 and advanced L7 features like L7 Application ID, URL filtering, IDS/IPS, TLS Inspection, Identity Firewall, and Malware
Prevention. The Gateway Firewall provides firewalling services and other services that cannot be distributed such as NAT, DHCP,
VPN, and load balancing, and needs the services router component of the gateway.
NSX Intelligence
NSX Intelligence, a security analytics and policy management solution, automatically determines the communication patterns
across all types of workloads, makes security policy recommendations based on those patterns, and checks that traffic flows to
conform to the deployed policies.
Malware Prevention detects and prevents malicious file transfers by using a combination of signature-based detections of known
malware, including static and dynamic analysis of malware samples. You can configure Malware Prevention on your gateway
firewall for North-South traffic. For East-West traffic, it can be configured in distributed Intrusion Detection and Prevention System
(IDPS), utilizing Guest Introspection to protect virtual machines (VMs).
Network Detection and Response (NDR) collects the traffic from the entire network infrastructure across on-premises, cloud, and
hybrid cloud. It uses AI (Artificial Intelligence) techniques to analyze traffic and gain insights about advanced threats. With NDR,
you can visualize the entire traffic flow, which is correlated and presented as campaign cards along with affected hosts and a
detailed timeline of threats. Additionally, NDR maps to the MITRE ATT&CK tactics and techniques for resourceful understanding of
key events in the campaign.
Maximum Network Threat Visibility: In using multiple threat detection techniques at once (IDS/IPS, NTA, Network
Sandbox, etc.), ATP delivers deep visibility into all your network traffic.
Advanced Malware Detection: ATP helps secure both Private and Public Cloud workloads against threats that have been
engineered to evade standard security tools.
Lower False Positives: ATP can greatly improve the accuracy of your alerts, which means your security teams can focus
on a smaller set of actual intrusions.
DOCUMENT | 15
SECURING MULTI-CLOUD - SOLUTION GUIDE
Workloads
Workloads come in various form factors like virtual machines, containers, and physical servers. In addition, workloads are hosted in
different environments like on-premises, native cloud, or managed cloud. The heterogeneity of the workload form factor and
deployment type further challenges the organizations regarding security coverage, policy consistency, number of platforms to be
managed, and overall operational simplicity. The requirement of an organization is to have an operationally simple platform that
provides consistent policy across virtual machines, containers, physical servers, and native cloud workloads without compromising
the application and data security.
Additional Resources
NSX TechZone Security Resources: https://nsx.techzone.vmware.com/security-resources
CloudHealth Secure State is an intelligent cloud security and compliance monitoring platform that helps organizations reduce risk
and protect millions of cloud resources by remediating security violations and scaling best practices at cloud speed.
DOCUMENT | 16
SECURING MULTI-CLOUD - SOLUTION GUIDE
Improve Visibility
Gain Real-Time Visibility Across Cloud & Kubernetes Infrastructure
Monitor multiple cloud providers and understand how a minor configuration change can elevate risk across connected cloud
objects
Quickly discover inventory, explore cloud topology, and drive investigations with a unified search engine for
multiple cloud providers, regions, and accounts
Detect security risks within seconds and monitor ephemeral cloud resources with an event-based approach
that minimizes API calls to cloud
In a single graph view, get deep security context including cloud resource relationships, misconfigurations,
threats, metadata, and change activity
Audit configuration changes and track progress developers make in resolving security and compliance
violations across the organization and sub-projects
DOCUMENT | 17
SECURING MULTI-CLOUD - SOLUTION GUIDE
Assess misconfiguration and compliance risk by automating benchmarks such as CIS, GDPR, HIPAA, ISO
27001, MITRE ATT&CK Cloud, NIST, PCI, & SOC 2
Eliminate security and compliance blind spots by defining custom frameworks and rules specific to technical
needs
Reduce false positives and allow exceptions to security policies by automatically suppressing rules or
findings based on pre-defined criteria
Prioritize security of most vulnerable cloud resources with an intelligent risk-scoring algorithm that makes it easy to
identify critical findings
DOCUMENT | 18
SECURING MULTI-CLOUD - SOLUTION GUIDE
Remediate Violations
Resolve Violations with a Secure Auto-Remediation Framework
Use automation to improve security and compliance posture and build guardrails that prevent mistakes
Safely embrace auto-remediation with a framework that takes actions without writing permissions to a customer
cloud environment
Mitigate risks at scale with a rich library of pre-defined remediation jobs and the ability to create custom jobs as
code
Click to fix known violations and precisely target resources based on filtering criteria such as a cloud provider type,
region, account, or tag
Proactively prevent mistakes by enabling guardrails that automatically resolve new violations that match specified
filtering criteria
Increase Collaboration
Empower Developers and Streamline Security Operations
Automate cloud security operations in the company with an API-first platform that easily integrates with other IT, security, and
developer tools
Shift-left security to proactively identify and resolve violations through API based verification within CI / CD
pipelines
Enable developers to manage cloud risk with Role-Based Access Controls for monitoring security and
compliance findings
Prioritize security and incident response by correlating threats ingested from third-party sources with native
security and compliance findings
DOCUMENT | 19
SECURING MULTI-CLOUD - SOLUTION GUIDE
Streamline SOC investigations by easily exporting native findings for additional analytics in Security
Information & Event Management systems
Mitigate security and compliance risk with real-time security insights, CloudHealth Secure State does provide the following
capabilities to help secure Multi-Cloud:
Improve security visibility with real-time inventory search and investigation capabilities for multi-cloud environments.
Reduce misconfigurations and prioritize threats with visual risk context and a more secure auto remediation approach.
Benchmark compliance with industry standards with over 950 out-of-the-box rules and enterprise customizations.
Plan how to operationalize your cloud security program through better collaboration between dev
elopers, security, and operations team
Additional Resources
VMware CloudHealth Product Page: https://cloudhealth.vmware.com/
VMware CloudHealth HOL (Hands-On Lab): https://labs.hol.vmware.com/HOL/catalogs/lab/10903
Additional Resources
Carbon Black TechZone: https://carbonblack.vmware.com/
NSX TechZone Security Resources: https://nsx.techzone.vmware.com/security-resources
Changelog
The following updates were made to this guide:
DOCUMENT | 20
SECURING MULTI-CLOUD - SOLUTION GUIDE
Feedback
Your feedback is valuable.
To comment on this paper, contact VMware Carbon Black Technical Marketing techzone-sbu@vmware.com.
DOCUMENT | 21
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax
650-427-5001 www.vmware.com
Copyright © 2022 VMware, Inc. All rights reserved. This product is protected by U.S. and international
copyright and intellectual property laws. VMware products are covered by one or more patents listed
at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc.
in the United States and/or other jurisdictions. All other marks and names mentioned herein may be
trademarks of their respective companies.