Posted on by Saurabh Bhattacharya

Understanding VMware’s Security Services Platform (SSP)

A brief discussion about understanding vDefend Security Services Platform

CuriousTechie: Hello IT Guy! I have been hearing about a new product in VMware’s portfolio called SSP – Security Services Platform. Can you help me understand what is this product?

ITGuy: Sure! Have you worked with NAPP ( NSX Application Platform) ? And how was your experience working with NAPP?

CuriousTechie: Yes! I have deployed and used NAPP after having a conversation with you here. To be honest, it was fun but little tough to deploy. It required some Kubernetes knowledge and had a lot of dependencies. Also an air gap deployment was very challenging.

ITGuy: SSP is the successor of NAPP but its exponentially easy to deploy without any major dependency. vDefend Security Services Platform represents a next-generation solution for visualizing and managing vDefend Security within VMware Cloud Foundation (VCF). It is designed to deliver a high-performance, scalable platform that efficiently operates various vDefend security services.

CuriousTechie: Cool! Is it still a Kubernetes based solution and do we need a Kubernetes environment to deploy it?

ITGuy: Well it is a Kubernetes based solution but we do not need a Kubernetes environment to deploy it.

CuriousTechie: Can you help me understand it better?

ITGuy: SSP has a very different architecture. It has two components SSP Installer & SSP Instance. SSP installer is a standard OVA appliance which will be deployed as a VM on a vCenter environment. SSP installer will facilitate the deployment of the SSP instance.

CuriousTechie: For NAPP deployment, we had NAPP Automation Appliance to deploy NAPP. How is SSP Installer different from NAPP Automation Appliance aka NAPPAA ?

ITGuy: NAPP needed a Kubernetes environment to deploy it, either an upstream Kubernetes cluster or a Tanzu cluster. NAPPAA used to help automate the process to enable Tanzu cluster and deploy NAPP instance on it. It also needed internet access to get the binaries from the public registry.

For SSP, user deploys the installer appliance via standard OVA deployment. The Installer deploys multiple controller/worker node VMs directly on the vCenter environment. Which is then configured to run SSP Instance K8s pods. This means there is no dependency on Tanzu / Supervisor cluster. From vSphere point of view you will just see bunch of VMs in a resource pool in your vCenter.

CuriousTechie: That’s interesting! Can you outline the high level steps for the deployment?

ITGuy: Sure!

  • User downloads the SSP Installer OVA and SSP tar file from Broadcom Portal here ProTip: Search for VMware Firewall
  • Deploy SSP Installer OVA in your VCF Management Domain
  • Login to the SSP Installer web UI and upload the SSP tar bundle
  • Provide all the configuration parameters for SSP instance like Form factor, vCenter (Management or Workload Domain), Datastore, Network details etc.
  • Once the deployment is complete then you should see controllers and worker nodes VMs running in your vCenter environment.
  • At this point, you should be able to login to SSP Instance web UI and enable Security Features as per requirement and license entitlement.

NOTE: There is no need of internet access because all the binaries are available in the TAR file. This makes the deployment very streamlined for Highly secure Air gap environments.

You can watch this demo video on YouTube for a better understanding of the deployment steps.

CuriousTechie: This looks quite straight forward. Are there any new security features on SSP as compared to NAPP?

ITGuy: On a high level the features are same that we had in NAPP

  • Security Intelligence
  • Network Traffic Analysis (NTA)
  • Network Detection and Response (NDR)
  • Malware Prevention Services

But there are some new sub features like Segmentation score which looks very interesting and valuable. You can find more details about this feature here.

CuriousTechie: This looks very interesting and would like to explore it more in detail.

ITGuy: SSP can be the base platform for all the new security related feature innovations. You can check the official documentation of SSP for more in depth information about all the features available.

One Reply to “”

  1. Pingback: The Role of vDefend NDR in Protecting VMware SDDC Environments – Curious-Techies

Leave a comment