“Split and smear” your security policies: Static Unidimensional vs. Dynamic Multi-Dimensional Policies

posted

In my previous post I explained why current security architectures aiming at inspecting all inline traffic via hardware appliances are failing to provide proper segmentation and scale in modern day data centers.  As I described, this has nothing to do with the type of security technology being deployed but rather with engineering security services that Read more...

Automating VMware NSX Security Rules Creation using Splunk and Some Code

posted

The VMware NSX network virtualization platform allows us to build sophisticated networking and security constructs in software. NSX has a rich RESTful API which allows one to build highly flexible and automated environments. In this blog, we’re going to focus on operations and automation; we’ll demonstrate one example of automation around security policies/rules that can Read more...

VMware NSX and Split and Smear Micro-Segmentation

posted

While external perimeter protection requirements will most likely command hardware acceleration and support for the foreseeable future, the distributed nature of the services inside the data center calls for a totally different set of specifications. Some vendors have recently claimed they can achieve micro-segmentation at data center scale while maintaining a hardware architecture. As I Read more...

Why It’s Time to Build a Zero Trust Network

posted

Network security, for a long time, has worked off of the old Russian maxim, “trust but verify.” Trust a user, but verify it’s them. However, today’s network landscape — where the Internet of Things, the Cloud, and more are introducing new vulnerabilities — makes the “verify” part of “trust but verify” difficult and inefficient. We Read more...

VMware NSX and vRealize Automation Overview – Part 1

posted

VMware NSX network virtualization and vRealize Automation deliver a feature rich, dynamic integration that provides the capability to deploy applications along with network and security services at provisioning time while maintaining compliance with the required security and connectivity policies. This native integration highlights the value of NSX when combined with automation and self-service and shows Read more...

Organizations Can Be Twice As Secure at Half the Cost

posted

Last week at VMworld, Pat Gelsinger made a statement that got folks buzzing. During his keynote, he said that integrating security into the virtualization layer would result in organizations being twice as secure at half the cost. As a long-time security guy, statements like that can seem a little bold, but VMware has data, and Read more...

VMware NSX – It’s About the Platform Ecosystem

posted

The basis of competition has shifted from individual products and technologies to platforms, but with everyone aspiring to be a platform the bar is set high. A platform must be a value-creation entity, underpinned by a robust architecture that includes a set of well-integrated software artifacts and programming interfaces to enable reuse and extensibility by Read more...