Announcing the Carbon Black Workload Sensor Gateway

February 16, 2023

Among our latest releases in the Cloud Workload Protection space, we are excited to announce the arrival of the VMware Carbon Black Workload Sensor Gateway. Available today for Linux operating systems, this feature will help enterprises keep their workloads secure and insulated from any traffic, bringing full NGAV, EDR and Audit/Remediation capabilities for air-gapped systems.

Quick Snapshot


  • CA Signed Certificate
  • Static IP/FQDN
  • Internet access for Sensor Gateway
  • Network accessibility between Carbon Black Sensor and Sensor Gateway
  • Port 443 open on Sensor Gateway
  • DNS Mapping of Sensor Gateway to IP*
    *Not needed if CA signed certificate is issued for specific IP

Use Cases

  • Secure workloads in air-gapped environments


  • Remove the burden of owning, managing, and budgeting for additional proxy servers
  • Pass compliance audits by keeping SaaS services outside of the purview of compliance
  • Enable outbound sensor traffic to go through a trusted entity

Supported OS

  • RHEL 8
  • Ubuntu 20.04, Ubuntu 18.04
  • Oracle Linux 8

    Many global enterprises need to ensure their workloads are not directly exposed to the Internet for security, regulatory and compliance reasons. For these organizations, only a handful of identified computers or appliances can receive traffic from the Internet and respond to that traffic. With the Sensor Gateway, VMware Carbon Black will help enterprises keep their workloads secure and insulated from any Internet traffic, removing the burden of owning, managing, and budgeting for additional proxy servers. This feature will also help enterprises pass compliance audits and reduce the attack surface for workloads by directing sensor traffic through a trusted secure entity.

    Sensor Gateway Key Capabilities and Benefits

    Internal Secure Gateway for All Inbound/Outbound Communication
    All communication to and from VMware Carbon Black Cloud is directed through the Sensor Gateway. All sensors deployed on the workloads will communicate with the Carbon Black Cloud via the Carbon Black Workload Sensor Gateway.

    Easy Sensor Gateway Scaling 
    Each Sensor Gateway will be able to support up to ten thousand sensors. Following this threshold, additional sensor gateways can be spun up to handle the increased workload.

    Improve Security Posture for Your Most Locked-Down Systems
    Many organizations are forced to use older signature-based antivirus products with few EDR capabilities on air-gapped networks. Replace legacy signature-only antivirus products with modern NGAV and leverage true EDR capabilities for stronger security.

    Notifications and Alerts 
    When a Sensor Gateway is disconnected or overburdened, customers will be notified in the product as well as via email. Customers will also have the ability to turn off subsequent notifications in the UI if they wish to do so.

    Broad OS Support
    The Carbon Black Sensor Gateway will support Virtual Machines and Physical Servers along with commonly used Linux operating systems as noted in the supported OS above. Windows support will be added shortly. 

    Sensor Gateway mapping

    To learn more about this feature and other updates with VMware Carbon Black, check out our release notes here.

    Filter Tags

    Securing Multi-Cloud Workload Blog Announcement What's New Overview Linux VMware Security