Presentation is loading. Please wait.

Presentation is loading. Please wait.

VMware NSX and Micro-Segmentation

Published byVanessa Cross Modified over 8 years ago

Similar presentations

Presentation on theme: "VMware NSX and Micro-Segmentation"— Presentation transcript:

1 VMware NSX and Micro-Segmentation
Irish R. Spring Systems Engineering Manager, NSBU Central

2 Why do breaches still occur?
Today’s data centers are protected by strong perimeter defense… But threats and exploits still infect servers. Low-priority systems are often the target. Threats can lie dormant, waiting for the right moment to strike. Attacks spread inside the data center, where internal controls are often weak. Critical systems are targeted. Server-server traffic growth has outpaced client-server traffic. The attack spreads and goes unnoticed. Possibly after months of reconnaissance, the infiltration relays secret data to the attacker.

3 The legacy security model emphasized perimeter security
Data Center Perimeter Internet Perimeter-centric network security has proven insufficient

4 And is incompatible with a world where security is needed everywhere
Adding more internal security… requires placing more firewalls across workloads Physical Firewalls Cost prohibitive with complex configurations Internet Virtual Firewalls Slower performance, costly and complicated Data Center Perimeter

5 What’s needed: a new architectural approach
Software-Defined Data Center Applications Virtual Machines Virtual Networks Virtual Storage Data Center Virtualization Compute Capacity Network Capacity Storage Capacity Location Independence

6 The next-generation networking model
VSWITCH OS Hypervisor Software Network and Security Services Now in the Hypervisor Software Load Balancing L3 Routing L2 Switching Firewalling/ACLs Hardware

7 Visibility NSX is uniquely positioned to see everything NSX
Applications Virtual Infrastructure NSX Physical Network Infrastructure Internet

8 Granular control becomes possible
NSX vSwitch VM Hypervisor High throughput rates on a per-hypervisor basis Every hypervisor adds additional east-west firewalling capacity Native feature of the VMware NSX platform

9 Delivering better security automation
NSX vSwitch VM Hypervisor Platform-based automation Automated provisioning and workload adds/moves/changes Accurate firewall policies follow workloads as they move Centralized management of single logical, distributed firewall

10 Delivering higher levels of data center security
Micro-segmentation 1 2 3 Isolation and segmentation Unit-level trust / least privilege Ubiquity and centralized control VM VM VM

11 Simplifying network security
Production Development Finance HR Security policies no longer tied to network topology Logical groups can be defined Prevents threats from spreading Web VM VM VM VM App VM VM VM VM DB VM VM VM VM

12 Thank you

13 DES MOINES th Street Urbandale, IA 50322 KANSAS CITY 6400 Glenwood St.| Suite 314 Overland Park, KS 66202 OMAHA 5940 S. 118th St. Omaha, NE 68137

Download ppt "VMware NSX and Micro-Segmentation"

Similar presentations

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.
© 2014 VMware Inc. All rights reserved. NSX Icons NSBU Product Management March 2014, v1.0.

© 2014 VMware Inc. All rights reserved. NSX Icons NSBU Product Management March 2014, v1.0.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.
VMware Virtualization Last Update 2014.02.06 2.0.0 1Copyright 2011-2014 Kenneth M. Chipps Ph.D. www.chipps.com.

VMware Virtualization Last Update Copyright Kenneth M. Chipps Ph.D.
Cisco and NetApp Confidential. Distributed under non-disclosure only. Name Date FlexPod Entry-level Solution FlexPod Value, Sized Right for Smaller Workloads.

Cisco and NetApp Confidential. Distributed under non-disclosure only. Name Date FlexPod Entry-level Solution FlexPod Value, Sized Right for Smaller Workloads.
Trusted End Host Monitors for Securing Cloud Datacenters Alan Shieh †‡ Srikanth Kandula ‡ Albert Greenberg ‡ †‡

Trusted End Host Monitors for Securing Cloud Datacenters Alan Shieh †‡ Srikanth Kandula ‡ Albert Greenberg ‡ †‡
By Sean Danko.  What is Virtualization  How does Virtualization Work  History of Virtualization  Why Should I Virtualize  Infrastructure  Advantages.

By Sean Danko.  What is Virtualization  How does Virtualization Work  History of Virtualization  Why Should I Virtualize  Infrastructure  Advantages.
A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.

A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
CON7349 - Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.

CON Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.
INTRODUCING: KASPERSKY Security FOR VIRTUALIZATION | LIGHT AGENT FOR MICROSOFT AND CITRIX VIRTUAL ENVIRONMENTS.

INTRODUCING: KASPERSKY Security FOR VIRTUALIZATION | LIGHT AGENT FOR MICROSOFT AND CITRIX VIRTUAL ENVIRONMENTS.
Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.
Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.

Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.
© 2015 VMware Inc. All rights reserved. Software-Defined Data Center: Security for the new battlefield Rob Randell, CISSP Director/Principal Architect.

© 2015 VMware Inc. All rights reserved. Software-Defined Data Center: Security for the new battlefield Rob Randell, CISSP Director/Principal Architect.
Adaptive Server Farms for the Data Center Contact: Ron Sheen Fujitsu Siemens Computers, Inc Sever Blade Summit, Getting the.

Adaptive Server Farms for the Data Center Contact: Ron Sheen Fujitsu Siemens Computers, Inc Sever Blade Summit, Getting the.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.
How to protect your Virtual Datacenter Michiel van den Bos.

How to protect your Virtual Datacenter Michiel van den Bos.
Data Center Network Redesign using SDN

Data Center Network Redesign using SDN

Similar presentations

Ads by Google