Global namespace, a unique concept in VMware Secure App IX, is a logical abstraction of an application from infrastructure that physically spans across multiple clouds and environments. The Enterprise features of VMware Secure App IX leverage the abstraction of VMware Secure App IX Global Namespace (GNS) construct, to offer API discovery, detection, and behavioral security and observability capabilities across multi-cloud environments. An advantage of GNS is the ability to define a policy once and apply it everywhere.

Advantages

  • Abstracts application components and view from infrastructure.

  • Allows seamless integration of multiple heterogeneous clouds.

  • Ensures inherent security by providing an isolation boundary for an application.

  • Provides a single location for the application of global policies.

  • Helps address non-functional requirements of applications.

Note:

The same application can have different VMware Secure App IX Enterprise capabilities depending on the global namespace that it runs on.

There are additional VMware Secure App IX Enterprise capabilities that Global Namespace extends beyond the ones mentioned in Global Namespaces.

API Security

Global namespace enforces API vulnerability detection & mitigation, API baselining and drift detection (including API parameters / schema validation).

Application Secure Connectivity

GNS provides strong isolation, global service identities, certificate management, and mTLS encryption for ensuring secured connectivity between applications.

API/PII Segmentation

Global Namespace provides attribute-based access control (ABAC), Personally Identifiable Information (PII) data detection and tracking, and end-user detection policies for applications.

API Visibility

VMware Secure App IX aggregates API analytics, events, and logs such as API's overall security and performance metrics within the global namespace. VMware Secure App IX provides a GraphQL endpoint through which you can query API data.

Auto Discovery (API Discovery, PII Data Discovery, User Discovery)

By configuring the global namespace, you can observe traffic patterns and behaviors between services, as well as configure security policies and features. For more information on activating any or all of these auto discovery options (API Discovery, PII Data Discovery, User Discovery) when creating a global namespace, see Auto Discovery Configuration in Global Namespace.