Securing the SDDC with VMware NSX – Light Board Series

posted

Is VMware the first company that springs to mind when you think about securing your software-defined data center (SDDC)? It should be. In this new light board series, learn about the unique capabilities that VMware NSX brings to your SDDC for securing your virtualized environment. Start out with some context on why networking and security Read more...

Monitoring VMware NSX SpoofGuard with REST API and Perl

posted

In some prior blogs, we demonstrated leveraging NSX REST API with Python. See prior blogs, Automating Security Group and Policy Creation with NSX REST API and Automating VMware NSX Security Rules Creation using Splunk and Some Code. In this blog, we demonstrate how NSX REST API can be used with the popular Perl programming language. One of Perl’s Read more...

Arkin Acquisition will Further Simplify VMware NSX Operational Planning and Visibility

posted

VMware NSX is experiencing tremendous growth across the board – in number of customer deployments, sales, and partnerships. Lots of organizations have been vocal in their support of NSX, including Heartland Payment Systems, University of New Mexico, Sugar Creek, Tribune Media, and many others. These customers are deploying NSX for use cases such as micro-segmentation, Read more...

Still Using Perimeter Defenses To Protect Your Data Center? Stop, Drop, and Defend—With Micro-Segmentation

posted

There are a lot of reasons that IT organizations are virtualizing their networks more and more—and chief among them is micro-segmentation. Micro-segmentation, which comes hand-in-hand with network virtualization, divides the data center into distinct segments. Each segment can be secured separately. When security controls and network services are separately defined and communications is isolated, an attacker’s Read more...

“Split and smear” your security policies: Static Unidimensional vs. Dynamic Multi-Dimensional Policies

posted

In my previous post I explained why current security architectures aiming at inspecting all inline traffic via hardware appliances are failing to provide proper segmentation and scale in modern day data centers.  As I described, this has nothing to do with the type of security technology being deployed but rather with engineering security services that Read more...

Advanced VMware NSX Security Services with Check Point vSEC

posted

VMware NSX provides an integrated Distributed Firewall (DFW), which offers L2-L4 security at the vNIC level and protects East-West traffic, and an Edge Firewall provided by the Edge Services Gateway (ESG), which offers L2-L4 security at the edge and protects North-South traffic in and out of the Software-Defined Data Center (SDDC). Read more...

Automating VMware NSX Security Rules Creation using Splunk and Some Code

posted

The VMware NSX network virtualization platform allows us to build sophisticated networking and security constructs in software. NSX has a rich RESTful API which allows one to build highly flexible and automated environments. In this blog, we’re going to focus on operations and automation; we’ll demonstrate one example of automation around security policies/rules that can Read more...

VMware NSX and Split and Smear Micro-Segmentation

posted

While external perimeter protection requirements will most likely command hardware acceleration and support for the foreseeable future, the distributed nature of the services inside the data center calls for a totally different set of specifications. Some vendors have recently claimed they can achieve micro-segmentation at data center scale while maintaining a hardware architecture. As I Read more...