Operationalizing Micro-segmentation – NSX Securing "Anywhere" – Part III

posted

Welcome to part 3 of the Micro-Segmentation Defined – NSX Securing “Anywhere” blog series. This installment covers how to operationalize NSX Micro-Segmentation. Be sure to check out Part 1 on the definition of micro-segmentation and Part 2 on securing physical workloads with NSX. This blog covers the following topics: Micro-segmentation design patterns Determining appropriate security Read more...

Poland’s Poznań Science and Technology Park Upgrades Its Infrastructure-as-a-Service Model with VMware NSX

posted

Poznań Science and Technology Park—known in Polish as Poznańskiego Parku Naukowo-Technologicznego, or PPNT—supports the incubation of start-ups and technology companies in Poland through co-operation with science, business, and technology enterprises. Its facilities and services include laboratories, office space, and specialized research equipment, as well as IT infrastructure services like server colocation and hosting, system monitoring Read more...

Physical Security in a Virtual World – NSX Securing “Anywhere” – Part II

posted

This is the second blog post in our Micro-segmentation Defined – NSX Securing “Anywhere” blog series. This blog post walks through security requirements that exist in environments with mixed workload deployment types. A mixed workload environment is one utilizing multiple application deployment models, including applications deployed on both virtual machines and legacy physical servers. We Read more...

Micro-segmentation Defined – NSX Securing "Anywhere" – Part I

posted

The landscape of the modern data center is rapidly evolving. The migration from physical to virtualized workloads, move towards software-defined data centers, advent of a multi-cloud landscape, proliferation of mobile devices accessing the corporate data center, and adoption of new architectural and deployment models such as microservices and containers has assured the only constant in Read more...

Still Using Perimeter Defenses To Protect Your Data Center? Stop, Drop, and Defend—With Micro-Segmentation

posted

There are a lot of reasons that IT organizations are virtualizing their networks more and more—and chief among them is micro-segmentation. Micro-segmentation, which comes hand-in-hand with network virtualization, divides the data center into distinct segments. Each segment can be secured separately. When security controls and network services are separately defined and communications is isolated, an attacker’s Read more...

“Split and smear” your security policies: Static Unidimensional vs. Dynamic Multi-Dimensional Policies

posted

In my previous post I explained why current security architectures aiming at inspecting all inline traffic via hardware appliances are failing to provide proper segmentation and scale in modern day data centers.  As I described, this has nothing to do with the type of security technology being deployed but rather with engineering security services that Read more...

Automating VMware NSX Security Rules Creation using Splunk and Some Code

posted

The VMware NSX network virtualization platform allows us to build sophisticated networking and security constructs in software. NSX has a rich RESTful API which allows one to build highly flexible and automated environments. In this blog, we’re going to focus on operations and automation; we’ll demonstrate one example of automation around security policies/rules that can Read more...