Check-out the new white paper on leveraging NSX-V for security within the VxRAIL hyper-converged platform. The paper outlines how VxRAIL hyper-converged solutions leveraging NSX-V for security solves many of the security challenges with traditional silo-based architectures. A brief outline is provided below. Make sure to checkout the white paper for additional details.
Figure 1 below shows a visualization of going from a traditional silo-based solution to a converged solution leveraging VxRAIL with NSX-V for security. The optional NSX add-on provides security baked into the VxRAIL converged appliance allowing for a single pane of glass for managing workloads and their respective security policies.
In addition to NSX-V complementing the hyper-converged architecture of VxRAIL, NSX-V security on VxRAIL provides for several use cases outlined below.
1. VDI with NSX-V Providing for Enhanced Security Services
In this security use case, the organization is utilizing VDI desktops and has a need to secure the VDI nodes and back-end services being utilized; for this NSX-V DFW is utilized as shown in Figure 2 below.
2. Micro-segmentation for Applications
In this use case, the organization has multiple applications running within a VxRAIL environment and desires to provide enhanced security to the application by further segmenting the data center/network and providing security closer to the application via micro-segmentation.
Since NSX is applying security policies at the vNIC-level, NSX is agnostic to whether the security policies are for workloads on the same network or between networks as shown in Figure 4 and Figure 5. Additionally, unlike physical security appliances, there is no hair-pinning an external device.
3. DMZ Anywhere
In this last security use case, the organization is leveraging NSX-V to easily create a DMZ environment anywhere within the network simply by leveraging native NSX-V security capabilities.
Optionally, advanced 3rd party security services with Palo Alto Networks, Check Point, etc. can be leveraged within the virtual environment leveraging the NSX-V network introspection framework as shown below in Figure 7.
For additional information/details make sure to checkout the white paper: Security for Hyper-Converged Solutions: Dell EMC VxRAIL Appliances – VMware vSAN Readymades with VMware NSX-V.