VMware NSX and Micro-Segmentation

Slides:

Advertisements

Similar presentations

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Advertisements

© 2014 VMware Inc. All rights reserved. NSX Icons NSBU Product Management March 2014, v1.0.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Software Defined Networking.

VMware Virtualization Last Update Copyright Kenneth M. Chipps Ph.D.

Cisco and NetApp Confidential. Distributed under non-disclosure only. Name Date FlexPod Entry-level Solution FlexPod Value, Sized Right for Smaller Workloads.

Trusted End Host Monitors for Securing Cloud Datacenters Alan Shieh †‡ Srikanth Kandula ‡ Albert Greenberg ‡ †‡

By Sean Danko.  What is Virtualization  How does Virtualization Work  History of Virtualization  Why Should I Virtualize  Infrastructure  Advantages.

A SOLUTION: 2X REMOTE APPLICATION SERVER. 2X REMOTE APPLICATION SERVER.

Unified Logs and Reporting for Hybrid Centralized Management

Citrix Partner Update The Citrix Delivery Centre.

CON Software-Defined Networking in a Hybrid, Open Data Center Krishna Srinivasan Senior Principal Product Strategy Manager Oracle Virtual Networking.

INTRODUCING: KASPERSKY Security FOR VIRTUALIZATION | LIGHT AGENT FOR MICROSOFT AND CITRIX VIRTUAL ENVIRONMENTS.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.

© 2015 VMware Inc. All rights reserved. Software-Defined Data Center: Security for the new battlefield Rob Randell, CISSP Director/Principal Architect.

Adaptive Server Farms for the Data Center Contact: Ron Sheen Fujitsu Siemens Computers, Inc Sever Blade Summit, Getting the.

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.

How to protect your Virtual Datacenter Michiel van den Bos.

Data Center Network Redesign using SDN

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

© 2009 VMware Inc. All rights reserved Confidential VMware: An Overview Pat Gelsinger, CEO.

Cloud Computing Cloud Computing Class-1. Introduction to Cloud Computing In cloud computing, the word cloud (also phrased as "the cloud") is used as a.

© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.

Extreme Networks Confidential and Proprietary. © 2010 Extreme Networks Inc. All rights reserved.

The Next Phase of Virtual Infrastructure Kevin Bailey Director - Product Marketing EMEA Symantec Corporation.

SAIGONTECH COPPERATIVE EDUCATION NETWORKING Spring 2010 Seminar #1 VIRTUALIZATION EVERYWHERE.

SAIGONTECH COPPERATIVE EDUCATION NETWORKING Spring 2009 Seminar #1 VIRTUALIZATION EVERYWHERE.

Introduction to VMware Virtualization

The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.

PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.

© 2014 VMware Inc. All rights reserved. Palo Alto Networks VM-Series for VMware vCloud ® Air TM Next-Generation Security for Hybrid Clouds Palo Alto Networks.

Complete Security. Threats changing, still increasing Data everywhere, regulations growing Users everywhere, using everything We’re focused on protecting.

The Open Source Virtual Lab: a Case Study Authors: E. Damiani, F. Frati, D. Rebeccani, M. Anisetti, V. Bellandi and U. Raimondi University of Milan Department.

AUTOMATING ADVANCED SECURITY

1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.

© 2015 BROCADE COMMUNICATIONS SYSTEMS, INC THAT’S THE ANSWER WHAT’S THE QUESTION? Software Defined Networking Dan DeBacker Principal.

Uwe Lüthy Solution Specialist, Core Infrastructure Microsoft Corporation Integrated System Management.

How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.

Look, Ma, No Hardware -Stephanie Schossow. Cisco & VMware  September 16, Industry leaders in virtualization Cisco and VMware® announced that they.

Micro segmentation with Next Generation Firewall and Vmware NSX

© 2014 VMware Inc. All rights reserved. NSX – Introduzione e casi d’Uso Luca Morelli – Sr Sales Engineer - NSX

Microsoft Azure Active Directory. AD Microsoft Azure Active Directory.

Copyright © 2014 Juniper Networks, Inc. 1 Juniper Unite Cloud-Enabled Enterprise Juniper’s Innovation in Enterprise Networks.

SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS April 23, 2012 © Brocade Communications Systems, Inc.

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.

CLOUD COMPUTING WHAT IS CLOUD COMPUTING?  Cloud Computing, also known as ‘on-demand computing’, is a kind of Internet-based computing,

Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.

© 2015 VMware Inc. All rights reserved. Software-Defined Data Center Module 2.

© ExplorNet’s Centers for Quality Teaching and Learning 1 Explain the purpose of Microsoft virtualization. Objective Course Weight 2%

Barracuda Networks. Safe Public Cloud Transitions Why Barracuda? The Challenge When organizations move workloads to the public cloud, data protection.

Cloud Agility with Performance Bridging the Performance Gap for Virtual Network Infrastructure Paul Andersen Sr. Marketing Director.

The next big shift in your data center VMware NSX with HPE.

Deep Security and VMware NSX Advanced Security Framework for the Software-Defined Data Center Anand Patil National Sales Manager, SDDC CONFIDENTIAL1.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Securing Enterprise Identities Against Cyberthreats Brian Krause Manager of North America.

Check Point vSEC STORY [Protected] Non-confidential content.

Stop Cyber Threats With Adaptive Micro-Segmentation

STEPS TO A CLOUD READY DATA CENTER

Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM

Hybrid Management and Security

Threat Ready: The Benefits of Segmentation

VMware NSX and Micro-Segmentation

Firewalls at UNM 11/8/2018 Chad VanPelt Sean Taylor.

Company Overview & Strategy

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

NSX Data Center for Security

AT&T Network Based Firewall with NetBond® for Cloud

Presentation transcript:

VMware NSX and Micro-Segmentation Irish R. Spring Systems Engineering Manager, NSBU Central

Why do breaches still occur? Today’s data centers are protected by strong perimeter defense… But threats and exploits still infect servers. Low-priority systems are often the target. Threats can lie dormant, waiting for the right moment to strike. 10110100110 101001010000010 1001110010100 Attacks spread inside the data center, where internal controls are often weak. Critical systems are targeted. Server-server traffic growth has outpaced client-server traffic. The attack spreads and goes unnoticed. Possibly after months of reconnaissance, the infiltration relays secret data to the attacker.

The legacy security model emphasized perimeter security Data Center Perimeter Internet Perimeter-centric network security has proven insufficient

And is incompatible with a world where security is needed everywhere Adding more internal security… requires placing more firewalls across workloads Physical Firewalls Cost prohibitive with complex configurations Internet Virtual Firewalls Slower performance, costly and complicated Data Center Perimeter

What’s needed: a new architectural approach Software-Defined Data Center Applications Virtual Machines Virtual Networks Virtual Storage Data Center Virtualization Compute Capacity Network Capacity Storage Capacity Location Independence

The next-generation networking model VSWITCH OS Hypervisor Software Network and Security Services Now in the Hypervisor Software Load Balancing L3 Routing L2 Switching Firewalling/ACLs Hardware

Visibility NSX is uniquely positioned to see everything NSX Applications Virtual Infrastructure NSX Physical Network Infrastructure Internet

Granular control becomes possible NSX vSwitch VM Hypervisor High throughput rates on a per-hypervisor basis Every hypervisor adds additional east-west firewalling capacity Native feature of the VMware NSX platform

Delivering better security automation NSX vSwitch VM Hypervisor Platform-based automation Automated provisioning and workload adds/moves/changes Accurate firewall policies follow workloads as they move Centralized management of single logical, distributed firewall

Delivering higher levels of data center security Micro-segmentation 1 2 3 Isolation and segmentation Unit-level trust / least privilege Ubiquity and centralized control VM VM VM

Simplifying network security Production Development Finance HR Security policies no longer tied to network topology Logical groups can be defined Prevents threats from spreading Web VM VM VM VM App VM VM VM VM DB VM VM VM VM

Thank you

DES MOINES 3600 109th Street Urbandale, IA 50322 515.422.9300 KANSAS CITY 6400 Glenwood St.| Suite 314 Overland Park, KS 66202 816.423.8048 OMAHA 5940 S. 118th St. Omaha, NE 68137 402.408.0581