grid-871475_1280

Micro-segmentation Defined – NSX Securing "Anywhere" – Part I

posted

The landscape of the modern data center is rapidly evolving. The migration from physical to virtualized workloads, move towards software-defined data centers, advent of a multi-cloud landscape, proliferation of mobile devices accessing the corporate data center, and adoption of new architectural and deployment models such as microservices and containers has assured the only constant in Read more...
8-rules-a-1024x440

Distributed Firewall ALG

posted

In the last post, VMware NSX™ Distributed Firewall installation and operation was verified. In this entry, the FTP (file transfer protocol) ALG (Application Level Gateway) is tested for associating data connections with originating control connections – something a stateless ACL (access control list) can’t do. An added benefit over stateless ACLs – most compliance standards more easily Read more...
hand-1248053_1280

Getting Started with VMware NSX Distributed Firewall – Part 2

posted

In Part 1, I covered traditional segmentation options. Here, I introduce VMware NSX Distributed Firewall for micro-segmentation, showing step-by-step how it can be deployed in an existing vSphere environment. Now, I have always wanted a distributed firewall. Never understood why I had to allow any more access to my servers than was absolutely necessary. Why Read more...
rocket-launch-67723_1280

Getting Started with VMware NSX Distributed Firewall – Part 1

posted

Who saw it coming that segmentation would be a popular term in 2015?!? Gartner analyst Greg Young was almost apologetic when he kicked off the Network Segmentation Best Practices session at the last Gartner Security Summit. As a professional with a long history in the enterprise firewall space, I know I found it odd at Read more...
bricks

What is a Distributed Firewall?

posted

In the post “What is Network Virtualization?” I described a model where the application’s complete L2-L7 virtual network is decoupled from hardware and moved into a software abstraction layer for the express purpose of automation and business agility. In this post I’ll focus on network security, and describe an imminent firewall form factor enabled by Read more...