VMware Carbon Black Solution Analysis
The VMware Carbon black is an endpoint protection platform (EPP) that claims to protect over 16000+ businesses across the world. The solution combines multiple capabilities such as AV protection, EDR, and behavioral prevention to protect from threats. The solution consists of two main components 1) sensors: that reside on and monitor the endpoints, and 2) a centralized server: that stores the sensor data and provides insights
Target Organizations
The platform is rich with features and security data, necessitating a dedicated IT department to deploy and manage the solution. Taking advantage of its depth is best accomplished by a sizable IT team, such as those found at midsize and larger organizations. Its investigation features make it ideally suited for companies with a security operations center (SOC).
Compatibility and Resource Requirements
Carbon Black supports Windows workstations and servers as well as Mac and Linux machines. You can also secure remote offices and mobile devices through VMware Carbon Black Cloud Endpoint Standard.
Solution compatibility need to be verified for each of the support environment including Windows, Linux, etc
The resource requirement varies based on the platform and also based on the capability requirements
The communication between the agents and the server also requires to have the opening of the port SSL 443
Industry Validation and Competition
The below table summarizes some of the industry studies on the solution
| Validators | Date | Malware | Real-world protection | EDR Evaluation | Detection Rate |
| AV comparatives | May 2020 | 100% | 99.8% | ||
| MITRE | April 2020 | Success | |||
| AV-TEST | June 2020 | 100% | 100% | ||
| OPSWAT | July 2018 | GOLD | |||
| ICSA Labs | June 2018 | 100% |
The solution competitive landscape includes Crowdstrike, Trend Micro, Sophos, FireEye, Palo Alto Networks, Tanium McAfee, Microsoft, and SentinelOne
Pricing
Carbon Black’s products are available through third parties the company refers to as “partners.” You’ll have to request quotes from these partners to determine the Carbon Black price.
Pricing depends on factors such as the number of endpoints, features you’re buying protection for, and the subscription term measured in years. Multi-year subscriptions provide greater discounts.
Support Levels
There are different levels of support available, please find them below
| Feature | Standard | Premium | Platinum |
| Support availability | 8 AM to 8:00 PM (based on geo) | 24*7 | 24*7 |
| Unlimited cases | Yes | Yes | Yes |
| Phone, email, and customer portal support | Yes | Yes | Yes |
| Access to the knowledge base | Yes | Yes | Yes |
| Access to user exchange community | Yes | Yes | Yes |
| Designated support engineer | NO | NO | Yes |
Solution Licensing Bundle
| Prevention | Standard | Advanced | Enterprise |
| NGAV | NGAV | NGAV | NGAV |
| Device Control | Device Control | Device Control | |
| Behavioral EDR | Behavioral EDR | Enterprisel EDR | |
| Audit and remediation | Audit and Remediation | ||
| Vulnerability Management | Vulnerability Management |
Summary
As a security platform, Carbon Black provides many valuable features. Its potent security intelligence and toolset are impressive. A combination of next-generation antivirus capabilities and EDR is not often found in a single package. The latter often requires a separate upgrade purchase. From that perspective, Carbon Black delivers a comprehensive solution.
Its protection capabilities are excellent against general malware. Challenges lie in its ability to effectively stop zero-day attacks and its impact
Securing OT and IoT with Nozomi Networks
Multi-environment Reality and the New Security Challenges
AlgoSec – NSPM Solution Quick Review
About Author
Muhammad Marakkoottathil(MM)
Expert in the field of SDN, cloud computing, virtualization, active-active data center design & migration. Passionate about helping organizations to achieve their digital transformation objectives with strong 15+ years of experience in design, deployment, and managing heterogeneous network solutions across the industry verticals. Major Industry Certifications: Cisco CCIE, CCDP, VMware VCAP-NV_DESIGN, TOGAF, ITIL, NUTANIX NCSE, Google Cloud Architect, Azure Fundamentals More info please visit my page @ LinkedIn: https://www.linkedin.com/in/contactmm/
Good luck.