Recent Posts

Context, Visibility and Containment – NSX Securing “Anywhere” Part V


Welcome to part 5 of the Micro-Segmentation Defined– NSX Securing “Anywhere”  blog series. Previous topics covered in this series includes Part I –    Micro-segmentation Defined Part II –  Securing Physical Environments Part III – Operationalizing Micro-segmentation Part IV – Service Insertion In this post we describe how NSX micro-segmentation enables fundamental changes to security architectures which Read more...

“Split and smear” your security policies: Static Unidimensional vs. Dynamic Multi-Dimensional Policies


In my previous post I explained why current security architectures aiming at inspecting all inline traffic via hardware appliances are failing to provide proper segmentation and scale in modern day data centers.  As I described, this has nothing to do with the type of security technology being deployed but rather with engineering security services that Read more...

VMware NSX and Split and Smear Micro-Segmentation


While external perimeter protection requirements will most likely command hardware acceleration and support for the foreseeable future, the distributed nature of the services inside the data center calls for a totally different set of specifications. Some vendors have recently claimed they can achieve micro-segmentation at data center scale while maintaining a hardware architecture. As I Read more...