Use Case Brief NETWORK SECURITY

Size: px
Start display at page:

Download "Use Case Brief NETWORK SECURITY"

Transcription

1 Use Case Brief NETWORK SECURITY As Datacenter architectures have incorporated virtualization, new application topologies, and new programming constructs such as Docker Containers, new security gaps have emerged. This brief describes how Nuage Networks fills critical security gaps within and across datacenters.

2 Challenges Providing network security is becoming an increasingly daunting task in the cloud world: Rate of change accelerating: Cloud architectures are dynamic, making the maintenance of fixed security measures such as access control lists (ACLs) cumbersome and expensive. Complexity is increasing: Compared to legacy applications that communicate north-south, modern cloud applications leverage multiple networking layers that communicate along unsecured east-west data paths within the datacenter. Attacks growing in sophistication and persistence: Hacking is increasingly performed by professionals who have financial or other incentives to compromise the network, even if the penetration takes months to accomplish. These challenges are summarized in Figure 1. In this example, VM-to-VM communication within the hypervisor is unprotected, as is application-to-application communication within a rack or over the datacenter network. A hacker that compromises a single VM or application can readily move sideways within the datacenter to attack other VMs and applications. To secure all of these interconnections, interstitial firewalls could be used, but the definition process is time-consuming, manual, and prone to error. FIGURE 1. East-west datacenter traffic is unprotected Datacenter Security Gaps Datacenter Network VM VM VM VM VM VM (VMware) (Xen) Bare Metal Rack 3 2

3 How We Help You Nuage Networks Virtualized Services Platform (VSP) has been architected to be a non-disruptive overlay for all existing virtualized and non-virtualized network resources. No purpose-built networking hardware is required since all components are virtualized. Similar to how cell phones preserve their attributes while in roam mode, Nuage Networks VSP preserves the network attributes (required network settings including security) no matter where the workload is placed. By replacing the tie to the physical network element with a set of required network attributes, Nuage Networks VSP provides full network roaming capabilities for your workloads. Nuage Networks VSP provides critical ingredients in cloud environments universal and consistent security policies and enforcement at a fine-grained level. Beginning with a Zero Trust security model by default, any security model can be implemented from micro-segmentation at the VM level all the way up to application-level controls. Security policies are defined in business terms using declarative policies (such as You MUST use HTTP Authentication when accessing this application ) rather than rigid controls based on everchanging IP addresses. As shown in Figure 2, the Virtual Services Controller (VSC) provides control plane coordination (as indicated by the dotted line) among one-to-many Virtual Routing and Switching (VRS) components. The VRS data plane component includes both an embedded virtual switch (vswitch) and a firewall. FIGURE 2. A private cloud with full automation across CMS systems and locations Multilayer Security Controls Fill Datacenter Security Gaps Datacenter Network Gateway VM VM VM VM VM VM (VMware) (Xen) Bare Metal Rack 3 VSC VSD VRS 3

4 Starting at the initial connection point to the network, VMs and applications are fully secured and isolated. VM to VM network traffic is secured both within a rack and between racks. For example, assume a VM wants to set up a session with another VM in the same rack. Without Nuage Networks VSP, this traffic would be both unsecured and unmonitored. With Nuage Networks VSP, since VMs are secured within the hypervisor, intra-datacenter and intrarack traffic is fully secured. Security is defined both with a single, unchangeable master policy and dependent policies. Leveraging these policies, VMs can be moved either within the datacenter or across datacenters in a completely automated fashion. Nuage Networks ensures the VM s metadata (network and security settings) are preserved and moved with the application or VM. Then, when the application or VM boots, Nuage Networks VSP is triggered and takes the appropriate action(s). Via Nuage Network s Service Chaining automation capabilities, multi-step authorizations (such as enabling cascading security checks down multiple firewalls) can be performed. Granular tracking provides the detailed source data needed for auditing, threat detection and problem investigation. The master security policy cannot be over-ridden at any level, yet dependent security policies, such as those impacting a single VM, can modify authorized parameters. This hierarchy of policies ensures that central IT can enforce overall security policies, yet provide local control and customization as needed. Every network event, including changes to security policies, is collected and stored in a robust Apache Hadoop datastore. Auditing, threat detection and problem investigation are possible, effective and efficient with this granularity of logging. Hackers typically take advantage of the lack of network security within a datacenter. Nuage Networks VSP, by providing security policies for traffic within the datacenter, helps close this vulnerability. 4

5 How this Approach Changes the Game This innovative approach provides game-changing functionality for private and public clouds. A few capabilities are highlighted below. Benefits Provides consistent, multitenant security: Ensures that security is applied from the top down consistently, efficiently and automatically for each tenant, application, or VM. The Nuage Networks VSP policy approach eliminates manual errors and ensures that VM and application mobility does not compromise security. Fills security gaps: Fills critical network security gaps within the datacenter. Nuage Networks VSP enforces security for VMs and applications at the first connection point of the network and also uniquely secures intradatacenter traffic. Empowers investigations: Enables security issues to be efficiently tracked down and resolved. Since each network policy change and network event is filed into a centralized Hadoop database, security issues can be readily tracked and investigated. Minimizes Virtualization Attack Surface: By protecting VM to VM communications even within the hypervisor, the overall attack surface is minimized. Even if a hacker compromises a VM, it will be difficult to branch to other VMs on the same hypervisor. High Security within the Datacenter: Legacy security approaches focus on external threats rather than threats within the datacenter. The built-in security of Nuage Networks VSP, including the default Zero Trust model, operates at the VM and virtual network levels. By protecting the datacenter at the first connection point to the network for VMs and applications, full security and isolation are provided within the hypervisor, rack and datacenter. Complete UI-driven Self-service Security: End users can control every aspect of their virtualized environment with their choice of user interfaces (such as a CMS interface, Nuage Networks VSP, or an in-house interface). Security controls are provided within the limits allowed by centralized policies. Self-service capabilities increase customer control and enable both private and public clouds to handle staggering volumes of customers, virtual machines and request volumes. Automated Security Efficiencies: With the use of intelligent, declarative policies, VMs and applications can be instantiated or moved programmatically without having to manually define security definitions, even complex multitier firewall definitions. Compliance: Every policy can be printed for review. Each network event that required a security response can also be reported from the Hadoopbased datastore. These capabilities make auditing and compliance a breeze. Investigations: Network events, including the policy-based response, are tracked in a Hadoop database. This richness of time-stamped detail enables ready tracking and investigation of security issues. 5

6 Why Our Network Security is Unmatched Nuage Networks is the best software defined networking choice for security. Our products include security capabilities that cannot be matched by any other vendor. Fills critical network security gaps within a cloud datacenter Nuage Network s SDN products enforce security for virtual machines (VMs) and applications at the first connection point of the network, minimizing vulnerabilities. It also uniquely secures critical, and largely unprotected, intra-datacenter (east-west) traffic. Maximizes security for complex applications Our SDN architecture maximizes security even for today s complex web-based applications (such as multi-tiered with interstitial firewalls) and new programming constructs such as containers. Allows you to choose the best control models for each physical and logical construct Rather than a one-size-fits-all approach, fine-grained controls, including the Nuage Networks vswitch and robust security policies, allow you to tailor security requirements to the department, network, application, container or VM. Nuage Networks and the Nuage Networks logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. The information presented is subject to change without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein. Copyright 2015 Alcatel-Lucent. All rights reserved. MKT EN (January)

Use Case Brief BORDERLESS DATACENTERS

Use Case Brief BORDERLESS DATACENTERS Use Case Brief BORDERLESS DATACENTERS Today s cloud service providers must maintain consistent levels of service for each end user or customer, independent of physical location and hardware. This brief

More information

Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION

Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION Use Case Brief BUILDING A PRIVATE CLOUD PROVIDING PUBLIC CLOUD FUNCTIONALITY WITHIN THE SAFETY OF YOUR ORGANIZATION At many enterprises today, end users are demanding a powerful yet easy-to-use Private

More information

Use Case Brief CLOUD MANAGEMENT SOFTWARE AUTOMATION

Use Case Brief CLOUD MANAGEMENT SOFTWARE AUTOMATION Use Case Brief CLOUD MANAGEMENT SOFTWARE AUTOMATION Cloud Management Software can coordinate and automate server, network, and storage operations within the modern datacenter. This brief describes how

More information

VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers

VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers Why it s unique The Nuage Networks VSP is the only enterprise and service provider-grade SDN platform that:

More information

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking

More information

STRATEGIC WHITE PAPER. The next step in server virtualization: How containers are changing the cloud and application landscape

STRATEGIC WHITE PAPER. The next step in server virtualization: How containers are changing the cloud and application landscape STRATEGIC WHITE PAPER The next step in server virtualization: How containers are changing the cloud and application landscape Abstract Container-based server virtualization is gaining in popularity, due

More information

Business Values of Network and Security Virtualization

Business Values of Network and Security Virtualization Business Values of Network and Security Virtualization VMware NSX in the context of the Software Defined Data Center Klaus Jansen Virtual Networks Sales Specialist VMware NSBU 2014 VMware Inc. All rights

More information

The evolving IT environment: Maximizing potential of open hybrid clouds

The evolving IT environment: Maximizing potential of open hybrid clouds The evolving IT environment: Maximizing potential of open hybrid clouds Every enterprise, from small-and-medium businesses (SMBs) to global enterprises, needs business applications to run its business.

More information

Virtualized Network Services SDN solution for enterprises

Virtualized Network Services SDN solution for enterprises Virtualized Network Services SDN solution for enterprises Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise s locations

More information

Virtualized Network Services SDN solution for service providers

Virtualized Network Services SDN solution for service providers Virtualized Network Services SDN solution for service providers Nuage Networks Virtualized Network Services (VNS) is a fresh approach to business networking that seamlessly links your enterprise customers

More information

How Network Virtualization can improve your Data Center Security

How Network Virtualization can improve your Data Center Security How Network Virtualization can improve your Data Center Security Gilles Chekroun SDDC, NSX Team EMEA gchekroun@vmware.com 2014 VMware Inc. All rights reserved. Security IT spending Security spending is

More information

1 COPYRIGHT 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED.

1 COPYRIGHT 2013 ALCATEL-LUCENT. ALL RIGHTS RESERVED. Welcome to this overview about Software-Defined Networking, or SDN, and Network Virtualization. This training course will not only provide the technical background to SDN, but will also show the value

More information

Delivering the Software Defined Data Center

Delivering the Software Defined Data Center Delivering the Software Defined Data Center Georgina Schäfer Sr. Product Marketing Manager VMware Calvin Rowland, VP, Business Development F5 Networks 2014 VMware Inc. All rights reserved. F5 & Vmware

More information

FLEXIBLE NETWORK SERVICES TO DRIVE YOUR ENTERPRISE AT CLOUD SPEED. Solution Primer

FLEXIBLE NETWORK SERVICES TO DRIVE YOUR ENTERPRISE AT CLOUD SPEED. Solution Primer FLEXIBLE NETWORK SERVICES TO DRIVE YOUR ENTERPRISE AT CLOUD SPEED Solution Primer ABSTRACT Software Defined Networking (SDN) has delivered significant benefits to datacenter networks, making it possible

More information

Unconstrained Datacenter Networks for the Cloud Era

Unconstrained Datacenter Networks for the Cloud Era Unconstrained Datacenter Networks for the Cloud Era Abstract The value of cloud services lies in the rapid and cost-effective instantiation of applications that can be consumed by users anywhere. Enterprises

More information

Bringing the Cloud to the Enterprise Branch and WAN: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY

Bringing the Cloud to the Enterprise Branch and WAN: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY Bringing the Cloud to the Enterprise Branch and WAN: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY The principles of cloud computing are transforming the information

More information

PLUMgrid Open Networking Suite Service Insertion Architecture

PLUMgrid Open Networking Suite Service Insertion Architecture White Paper PLUMgrid Open Networking Suite Service Insertion Architecture Introduction A rapid increase in the use of cloud services across the globe require networks to be adaptable and flexible. PLUMgrid

More information

Building Scalable Multi-Tenant Cloud Networks with OpenFlow and OpenStack

Building Scalable Multi-Tenant Cloud Networks with OpenFlow and OpenStack Building Scalable Multi-Tenant Cloud Networks with OpenFlow and OpenStack Dave Tucker Hewlett-Packard April 2013 1 About Me Dave Tucker WW Technical Marketing HP Networking dave.j.tucker@hp.com Twitter:

More information

May 13-14, 2015. Copyright 2015 Open Networking User Group. All Rights Reserved Confiden@al Not For Distribu@on

May 13-14, 2015. Copyright 2015 Open Networking User Group. All Rights Reserved Confiden@al Not For Distribu@on May 13-14, 2015 Virtual Network Overlays Working Group Follow up from last ONUG use case and fire side discussions ONUG users wanted to see formalized feedback ONUG users wanted to see progression in use

More information

GAINING FULL CONTROL OF YOUR NETWORK WITH SERVICE PROVIDER SDN STRATEGIC WHITE PAPER

GAINING FULL CONTROL OF YOUR NETWORK WITH SERVICE PROVIDER SDN STRATEGIC WHITE PAPER GAINING FULL CONTROL OF YOUR NETWORK WITH SERVICE PROVIDER SDN STRATEGIC WHITE PAPER While the focus of software-defined networking (SDN) so far has been the automation of data center (DC) networks, service

More information

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments What You Will Learn Deploying network services in virtual data centers is extremely challenging. Traditionally, such Layer

More information

CHECK POINT & VMWARE NSX AUTOMATING ADVANCED SECURITY FOR THE SOFTWARE-DEFINED DATACENTER

CHECK POINT & VMWARE NSX AUTOMATING ADVANCED SECURITY FOR THE SOFTWARE-DEFINED DATACENTER CHECK POINT & VMWARE NSX AUTOMATING ADVANCED SECURITY FOR THE SOFTWARE-DEFINED DATACENTER Micki Boland Virtual and Cloud Cyber Security Architect mboland@checkpoint.com 2015 Check Point Software Technologies

More information

Data Center Micro-Segmentation

Data Center Micro-Segmentation Data Center Micro-Segmentation A Software Defined Data Center Approach for a Zero Trust Security Strategy W H I T E P A P E R Table of Contents Executive Summary... 3 The Software Defined Data Center is

More information

Open Source Networking for Cloud Data Centers

Open Source Networking for Cloud Data Centers Open Source Networking for Cloud Data Centers Gaetano Borgione Distinguished Engineer @ PLUMgrid April 2015 1 Agenda Open Source Clouds with OpenStack Building Blocks of Cloud Networking Tenant Networks

More information

Branches as Nimble as the Cloud: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY

Branches as Nimble as the Cloud: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY Branches as Nimble as the Cloud: Unleashing Agility with Nuage Networks Virtualized Network Services EXECUTIVE SUMMARY The principles of cloud computing are transforming the delivery of information services

More information

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc. White Paper Juniper Networks Solutions for VMware NSX Enabling Businesses to Deploy Virtualized Data Center Environments Copyright 2013, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3

More information

Deploying Advanced Firewalls in Dynamic Virtual Networks

Deploying Advanced Firewalls in Dynamic Virtual Networks SOLUTION GUIDE Deploying Advanced Firewalls in Dynamic Virtual Networks Enterprise-Ready Security for Network Virtualization 1 This solution guide describes how to simplify deploying virtualization security

More information

TECHNOLOGY WHITE PAPER. Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform

TECHNOLOGY WHITE PAPER. Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform TECHNOLOGY WHITE PAPER Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform Abstract Enterprises are expanding their private clouds and extending

More information

SINGLE-TOUCH ORCHESTRATION FOR PROVISIONING, END-TO-END VISIBILITY AND MORE CONTROL IN THE DATA CENTER

SINGLE-TOUCH ORCHESTRATION FOR PROVISIONING, END-TO-END VISIBILITY AND MORE CONTROL IN THE DATA CENTER SINGLE-TOUCH ORCHESTRATION FOR PROVISIONING, END-TO-END VISIBILITY AND MORE CONTROL IN THE DATA CENTER JOINT SDN SOLUTION BY ALCATEL-LUCENT ENTERPRISE AND NEC APPLICATION NOTE EXECUTIVE SUMMARY Server

More information

Virtualization, SDN and NFV

Virtualization, SDN and NFV Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,

More information

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011 Network Virtualization for the Enterprise Data Center Guido Appenzeller Open Networking Summit October 2011 THE ENTERPRISE DATA CENTER! Major Trends change Enterprise Data Center Networking Trends in the

More information

Pluribus Netvisor Solution Brief

Pluribus Netvisor Solution Brief Pluribus Netvisor Solution Brief Freedom Architecture Overview The Pluribus Freedom architecture presents a unique combination of switch, compute, storage and bare- metal hypervisor OS technologies, and

More information

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks A Coordinated Virtual Infrastructure for SDN in Enterprise Networks Software Defined Networking (SDN), OpenFlow and Application Fluent Programmable Networks Strategic White Paper Increasing agility and

More information

EXTENSIBLE WIDE AREA NETWORKING

EXTENSIBLE WIDE AREA NETWORKING EXTENSIBLE WIDE AREA NETWORKING Leverage Software Defined Networking to deliver flexible network services to branch offices @nuagenetworks Your clients and end users want instant access to their chosen

More information

The Value of Open vswitch, Fabric Connect and Fabric Attach in Enterprise Data Centers

The Value of Open vswitch, Fabric Connect and Fabric Attach in Enterprise Data Centers The Value of Open vswitch, Fabric Connect and Fabric Attach in Enterprise Data Centers Table of Contents Enter Avaya Fabric Connect. 2 A typical data center architecture with Avaya SDN Fx... 3 A new way:

More information

Deliver the Next Generation Intelligent Datacenter Fabric with the Cisco Nexus 1000V, Citrix NetScaler Application Delivery Controller and Cisco vpath

Deliver the Next Generation Intelligent Datacenter Fabric with the Cisco Nexus 1000V, Citrix NetScaler Application Delivery Controller and Cisco vpath Citrix NetScaler for Cisco Nexus 1000v White Paper Deliver the Next Generation Intelligent Datacenter Fabric with the Cisco Nexus 1000V, Citrix NetScaler Application Delivery Controller and Cisco vpath

More information

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...

More information

CONSUMABLE DATACENTER NETWORKING

CONSUMABLE DATACENTER NETWORKING CONSUMABLE DATACENTER NETWORKING Using SDN concepts to create an infrastructure in which network resources are as readily consumable as compute and storage resources @nuagenetworks Your clients and end

More information

2013 ONS Tutorial 2: SDN Market Opportunities

2013 ONS Tutorial 2: SDN Market Opportunities 2013 ONS Tutorial 2: SDN Market Opportunities SDN Vendor Landscape and User Readiness Jim Metzler, Ashton, Metzler & Associates Jim@ashtonmetzler.com April 15, 2013 1 1 Goals & Non-Goals Goals: Describe

More information

VM-Series for VMware. PALO ALTO NETWORKS: VM-Series for VMware

VM-Series for VMware. PALO ALTO NETWORKS: VM-Series for VMware VM-Series for VMware The VM-Series for VMware supports VMware NSX, ESXI stand-alone and vcloud Air, allowing you to deploy next-generation firewall security and advanced threat prevention within your VMware-based

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer HAWAII TECH TALK SDN Paul Deakin Field Systems Engineer SDN What Is It? SDN stand for Software Defined Networking SDN is a fancy term for: Using a controller to tell switches where to send packets SDN

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

Data Center Virtualization and Cloud QA Expertise

Data Center Virtualization and Cloud QA Expertise Data Center Virtualization and Cloud QA Expertise Highlights Broad Functional QA Experience Deep understanding of Switching and Routing Protocols Strong hands on experience in multiple hyper-visors like

More information

Itex VMware NSX Network Virtualization Presentation

Itex VMware NSX Network Virtualization Presentation Itex VMware NSX Network Virtualization Presentation Gabriel Maciel VCP3, VCP4/5-DCV, Security+, Project+ Sr. Systems Engineer Canadian Federal Government @gmaciel_ca 2014 VMware Inc. All rights reserved.

More information

WHITE PAPER: Egenera Cloud Suite

WHITE PAPER: Egenera Cloud Suite WHITE PAPER: Egenera Cloud Suite ... Introduction Driven by ever-increasing business demand, cloud computing has become part of many organizations IT strategy today. Driving this transition is the need

More information

Securing the Virtualized Data Center With Next-Generation Firewalls

Securing the Virtualized Data Center With Next-Generation Firewalls Securing the Virtualized Data Center With Next-Generation Firewalls Data Center Evolution Page 2 Security Hasn t Kept Up with Rate Of Change Configuration of security policies are manual and slow Weeks

More information

Five Steps For Securing The Data Center: Why Traditional Security May Not Work

Five Steps For Securing The Data Center: Why Traditional Security May Not Work White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center

More information

Enterprise Data Center Networks

Enterprise Data Center Networks Enterprise Data Center Networks Isabelle Guis Big Switch Networks Vice President of Outbound Marketing ONF Market Education Committee Chair 1 This Session Objectives Leave with an understanding of Data

More information

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015 Simplify IT With Cisco Application Centric Infrastructure Roberto Barrera rbarrera@grupo-dice.com VERSION May, 2015 Content Understanding Software Definded Network (SDN) Why SDN? What is SDN and Its Benefits?

More information

Network Virtualization: Delivering on the Promises of SDN. Bruce Davie, Principal Engineer

Network Virtualization: Delivering on the Promises of SDN. Bruce Davie, Principal Engineer Network Virtualization: Delivering on the Promises of SDN Bruce Davie, Principal Engineer What does SDN promise? The original* SDN promise was: Enable rapid innovation in networking Enable new forms of

More information

Installing Intercloud Fabric Firewall

Installing Intercloud Fabric Firewall This chapter contains the following sections: Information About the Intercloud Fabric Firewall, page 1 Prerequisites, page 1 Guidelines and Limitations, page 2 Basic Topology, page 2 Intercloud Fabric

More information

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service

More information

AlcAtel-lucent enterprise AnD sdnsquare sdn² network solution enabling highly efficient, volumetric, time-critical data transfer over ip networks

AlcAtel-lucent enterprise AnD sdnsquare sdn² network solution enabling highly efficient, volumetric, time-critical data transfer over ip networks AlcAtel-lucent enterprise AnD sdnsquare sdn² network solution enabling highly efficient, volumetric, time-critical data transfer over ip networks Internet technology has completely changed the networking

More information

Cisco Network Services Manager 5.0

Cisco Network Services Manager 5.0 Data Sheet Cisco Network Services Manager 5.0 Cisco Network Services Manager is designed to help enable customers to organize their network resources into a flexible multi-tenant infrastructure that integrates

More information

Securing the Intelligent Network

Securing the Intelligent Network WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network New Threats Demand New Strategies The network is the door to your organization for both legitimate users and would-be attackers.

More information

ENABLING THE COLLABORATIVE SERVICE PROVIDER

ENABLING THE COLLABORATIVE SERVICE PROVIDER ENABLING THE COLLABORATIVE SERVICE PROVIDER Alcatel-Lucent s software optimized IP and Optical networks build new bridges for Danish collaboration Kristian.Andersson@alcatel-lucent.com September 30 2014

More information

CoIP (Cloud over IP): The Future of Hybrid Networking

CoIP (Cloud over IP): The Future of Hybrid Networking CoIP (Cloud over IP): The Future of Hybrid Networking An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems The Cloud is Now a Critical

More information

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Seven Things To Consider When Evaluating Privileged Account Security Solutions Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?

More information

How OpenFlow -Based SDN Transforms Private Cloud. ONF Solution Brief November 27, 2012

How OpenFlow -Based SDN Transforms Private Cloud. ONF Solution Brief November 27, 2012 How OpenFlow -Based SDN Transforms Private Cloud ONF Solution Brief November 27, 2012 Table of Contents 2 Executive Summary 2 Trends in the Private Cloud 3 Network Limitations and Requirements 4 OpenFlow-Based

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Limiting the Spread of Threats: A Data Center for Every User

Limiting the Spread of Threats: A Data Center for Every User SESSION ID: SPO1-R03 Limiting the Spread of Threats: A Data Center for Every User Geoff Huang Director Product Marketing VMware Tony Paikeday Senior Product Marketing Manager VMware Why do breaches still

More information

WHITE PAPER: Egenera Cloud Suite

WHITE PAPER: Egenera Cloud Suite WHITE PAPER: Egenera Cloud Suite Introduction Cloud Computing Benefits Users Self-provision computing resources for unparalleled agility and fastest time-toservice Service providers Become cloud providers

More information

TOP 5 REASONS WHY FINANCIAL SERVICES FIRMS SHOULD CONSIDER SDN NOW

TOP 5 REASONS WHY FINANCIAL SERVICES FIRMS SHOULD CONSIDER SDN NOW TOP 5 REASONS WHY FINANCIAL SERVICES FIRMS SHOULD CONSIDER SDN NOW Abstract Software-defined networking, or SDN, is a relatively new technology that is already having a major impact on companies in the

More information

Business Case for Open Data Center Architecture in Enterprise Private Cloud

Business Case for Open Data Center Architecture in Enterprise Private Cloud Business Case for Open Data Center Architecture in Enterprise Private Cloud Executive Summary Enterprise IT organizations that align themselves with their enterprise s overall goals help the organization

More information

VMware vcloud Networking and Security

VMware vcloud Networking and Security VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility

More information

Managing Traditional Workloads Together with Cloud Computing Workloads

Managing Traditional Workloads Together with Cloud Computing Workloads Managing Traditional Workloads Together with Cloud Computing Workloads Table of Contents Introduction... 3 Cloud Management Challenges... 3 Re-thinking of Cloud Management Solution... 4 Teraproc Cloud

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

VMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3

VMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3 VMware Solution Guide for Payment Card Industry (PCI) September 2012 v1.3 VALIDATION DO CU MENT Table of Contents INTRODUCTION... 3 OVERVIEW OF PCI AS IT APPLIES TO CLOUD/VIRTUAL ENVIRONMENTS... 5 GUIDANCE

More information

SOFTWARE DEFINED NETWORKING

SOFTWARE DEFINED NETWORKING SOFTWARE DEFINED NETWORKING Bringing Networks to the Cloud Brendan Hayes DIRECTOR, SDN MARKETING AGENDA Market trends and Juniper s SDN strategy Network virtualization evolution Juniper s SDN technology

More information

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud

More information

What s New in VMware Site Recovery Manager 6.1

What s New in VMware Site Recovery Manager 6.1 What s New in VMware Site Recovery Manager 6.1 Technical Overview AUGUST 2015 Table of Contents Introduction... 2 Storage profile based protection... 2 Stretched Storage and Orchestrated vmotion... 5 Enhanced

More information

Software-Defined Networks Powered by VellOS

Software-Defined Networks Powered by VellOS WHITE PAPER Software-Defined Networks Powered by VellOS Agile, Flexible Networking for Distributed Applications Vello s SDN enables a low-latency, programmable solution resulting in a faster and more flexible

More information

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre Unlock the full potential of data centre virtualisation with micro-segmentation Making software-defined security (SDS) work for your data centre Contents 1 Making software-defined security (SDS) work for

More information

MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS

MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS VCE Word Template Table of Contents www.vce.com MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS January 2012 VCE Authors: Changbin Gong: Lead Solution Architect Michael

More information

Palo Alto Networks. Security Models in the Software Defined Data Center

Palo Alto Networks. Security Models in the Software Defined Data Center Palo Alto Networks Security Models in the Software Defined Data Center Christer Swartz Palo Alto Networks CCIE #2894 Network Overlay Boundaries & Security Traditionally, all Network Overlay or Tunneling

More information

Software-Defined Storage: What it Means for the IT Practitioner WHITE PAPER

Software-Defined Storage: What it Means for the IT Practitioner WHITE PAPER What it Means for the IT Practitioner WHITE PAPER Extending the Power of Virtualization to Storage Server virtualization has changed the way IT runs data centers across the world. According to Gartner,

More information

VMware NSX @SoftLayer!!

VMware NSX @SoftLayer!! A VMware@SoftLayer CookBook v1.1 April 30, 2014 VMware NSX @SoftLayer Author(s) & Contributor(s) (IBM) Shane B. Mcelligott Dani Roisman (VMware) Merlin Glynn, mglynn@vmware.com Chris Wall Geoff Wing Marcos

More information

Catbird 6.0: Private Cloud Security

Catbird 6.0: Private Cloud Security WHITE PAPER Catbird 6.0: Private Cloud Security and agile infrastructure that is exposing weaknesses in legacy perimeter-based network controls and leaving applications vulnerable to advanced threats.

More information

Scalable Network Monitoring with SDN-Based Ethernet Fabrics

Scalable Network Monitoring with SDN-Based Ethernet Fabrics Scalable Network Monitoring with SDN-Based Ethernet Fabrics Prashant Gandhi VP, Product Management & Strategy Big Switch Networks 1 Agenda Trends in Network Monitoring SDN s Role in Network Monitoring

More information

Strategies for assessing cloud security

Strategies for assessing cloud security IBM Global Technology Services Thought Leadership White Paper November 2010 Strategies for assessing cloud security 2 Securing the cloud: from strategy development to ongoing assessment Executive summary

More information

Software Defined Network (SDN)

Software Defined Network (SDN) Georg Ochs, Smart Cloud Orchestrator (gochs@de.ibm.com) Software Defined Network (SDN) University of Stuttgart Cloud Course Fall 2013 Agenda Introduction SDN Components Openstack and SDN Example Scenario

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

Advancing Security with Software Defined Datacenter. Karen Law Senior Systems Consultant VMware Hong Kong Ltd

Advancing Security with Software Defined Datacenter. Karen Law Senior Systems Consultant VMware Hong Kong Ltd Advancing Security with Software Defined Datacenter Karen Law Senior Systems Consultant VMware Hong Kong Ltd AGENDA Why Micro-segmentation? Understanding SDDC Network Virtualization Why Network Hypervisor?

More information

Software Defined Data Centers Network Virtualization & Security. Jeremy van Doorn Director of Systems Engineering EMEA, Network & Security

Software Defined Data Centers Network Virtualization & Security. Jeremy van Doorn Director of Systems Engineering EMEA, Network & Security Software Defined Data Centers Network Virtualization & Security Jeremy van Doorn Director of Systems Engineering EMEA, Network & Security 1 My business and its IT organization are being engulfed by a torrent

More information

Network Services in the SDN Data Center

Network Services in the SDN Data Center Network Services in the SDN Center SDN as a Network Service Enablement Platform Whitepaper SHARE THIS WHITEPAPER Executive Summary While interest about OpenFlow and SDN has increased throughout the tech

More information

A Look at the New Converged Data Center

A Look at the New Converged Data Center Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable

More information

SolidFire SF3010 All-SSD storage system with Citrix CloudPlatform 3.0.5 Reference Architecture

SolidFire SF3010 All-SSD storage system with Citrix CloudPlatform 3.0.5 Reference Architecture SolidFire SF3010 All-SSD storage system with Citrix CloudPlatform 3.0.5 Reference Architecture 2 This reference architecture is a guideline for deploying Citrix CloudPlatform, powered by Apache CloudStack,

More information

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com SDN 101: An Introduction to Software Defined Networking citrix.com Over the last year, the hottest topics in networking have been software defined networking (SDN) and Network ization (NV). There is, however,

More information

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT BROCADE SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT Rajesh Dhople Brocade Communications Systems, Inc. rdhople@brocade.com 2012 Brocade Communications Systems, Inc. 1 Why can t you do these things

More information

EXPAND YOUR BUSINESS SERVICES REACH WITH VIRTUALIZED NETWORK SERVICES. Solution Primer

EXPAND YOUR BUSINESS SERVICES REACH WITH VIRTUALIZED NETWORK SERVICES. Solution Primer EXPAND YOUR BUSINESS SERVICES REACH WITH VIRTUALIZED NETWORK SERVICES Solution Primer ABSTRACT Software Defined Networking (SDN) has delivered significant benefits to datacenter networks, making it possible

More information

EVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE

EVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE EVOLVING ENTERPRISE NETWORKS WITH SPB-M APPLICATION NOTE EXECUTIVE SUMMARY Enterprise network managers are being forced to do more with less. Their networks are growing in size and complexity. They need

More information

SDN Applications in Today s Data Center

SDN Applications in Today s Data Center SDN Applications in Today s Data Center Harry Petty Director Data Center & Cloud Networking Cisco Systems, Inc. Santa Clara, CA USA October 2013 1 Customer Insights: Research/ Academia OpenFlow/SDN components

More information

Group-Based Policy for OpenStack

Group-Based Policy for OpenStack Group-Based Policy for OpenStack Introduction Over the past four years, OpenStack has grown from a simple open source project to a major community-based initiative including thousands of contributors in

More information

TRANSFORMATION OPPORTUNITIES WITH THE ALCATEL-LUCENT OPENTOUCH SUITE OPTIMIZING CONVERSATION DELIVERY OVER CENTRALIZED COMMUNICATIONS NETWORKS

TRANSFORMATION OPPORTUNITIES WITH THE ALCATEL-LUCENT OPENTOUCH SUITE OPTIMIZING CONVERSATION DELIVERY OVER CENTRALIZED COMMUNICATIONS NETWORKS TRANSFORMATION OPPORTUNITIES WITH THE ALCATEL-LUCENT OPENTOUCH SUITE OPTIMIZING CONVERSATION DELIVERY OVER CENTRALIZED COMMUNICATIONS NETWORKS Application Note Table of contents Abstract / New Opportunities

More information

Private Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc.

Private Clouds. Krishnan Subramanian Analyst & Researcher Krishworld.com. A whitepaper sponsored by Trend Micro Inc. Private Clouds Krishnan Subramanian Analyst & Researcher Krishworld.com A whitepaper sponsored by Trend Micro Inc. Introduction Cloud computing has completely transformed the way business organizations

More information

Federated Application Centric Infrastructure (ACI) Fabrics for Dual Data Center Deployments

Federated Application Centric Infrastructure (ACI) Fabrics for Dual Data Center Deployments Federated Application Centric Infrastructure (ACI) Fabrics for Dual Data Center Deployments March 13, 2015 Abstract To provide redundancy and disaster recovery, most organizations deploy multiple data

More information

Data Center Manager (DCM)

Data Center Manager (DCM) DATA SHEET Data Center Manager (DCM) Unified Virtual/Physical Data Center Fabric Management Benefits LOWER OPERATIONAL COSTS High degree of automation within physical and virtual environments to streamline

More information

Accelerating Micro-segmentation

Accelerating Micro-segmentation WHITE PAPER Accelerating Micro-segmentation THE INITIAL CHALLENGE WAS THAT TRADITIONAL SECURITY INFRASTRUCTURES WERE CONCERNED WITH SECURING THE NETWORK BORDER, OR EDGE, WITHOUT BUILDING IN EFFECTIVE SECURITY

More information