Business Values of Network and Security Virtualization

Business Values of Network and Security Virtualization
VMware NSX in the context of the Software Defined Data Center
Klaus Jansen, Virtual Networks Sales Specialist, VMware NSBU
2014 VMware Inc. All rights reserved.

Agenda
(1) Context: Software Defined Data Center and Virtual Networks
(2) Cost and Security: Increased security through fine grained segmentation
(3) Security: Total privacy for multiple tenants on a shared infrastructure
(4) Security: Compliance in Architecture, Operations and Auditing
(5) Cost and Security with Choice: Integration of 3rd party security solutions
(6) Cost and Agility: Automation for Private Cloud and Self Service IT

(1) Context: Software Defined Data Center and Virtual Networks
The Software Defined Data Center (SDDC) is an approach to virtualize all aspects of data center infrastructure independent of underlying compute, storage or networking hardware. VMware NSX represents a faithful reproduction of physical networks and security in software at full scale. It is an overlay network running on top of current data center networks. It's a key element in the SDDC architecture.

(1) SDDC Within, Between and Across Data Centers
[Diagram: three panels labelled Software Defined Data Center (SDDC), Inter-Data Center and Hybrid Data Center. In each panel, Any Application runs on the SDDC Platform (Data Center Virtualization) over Any x86, Any Storage and Any IP network.]

State of the Art: Gartner Data Center Networking Magic Quadrant
"The NSX solution should be considered by existing VMware customers as a way of providing network agility and reducing network operational challenges within the data center." (Gartner Data Center Networking Magic Quadrant, April 24, 2014)
Most of the leading vendors of physical data center networking share our vision and provide technology for seamless integration of bare metal servers, perimeter security and other non-virtualized workloads.

SDDC: A Platform for Industry Innovation

(2) Data Center Security? Micro-segmentation is the answer
Security in the data center that so far was technically, financially and organisationally unfeasible!
Granular, distributed controls
Reduce attack surface
Visibility of all traffic
Block lateral movement
Zero Trust Model

(2) NSX Distributed Firewall with Micro Segmentation saves cost
Perimeter firewall: fewer devices, smaller devices, less complex device configurations, more choice of vendors
Rule sets: better visibility, no unnecessary rules kept forever, less operational cost, easier to deploy and maintain
Data Center Network: less complex configurations, better utilization, saves costly links due to reductions of East-West traffic between physical hosts, frees network capacity, likely no need to invest in a new network now
CONFIDENTIAL

(2) Micro Segmentation Use Cases

Enterprise s/zones
Use Cases: Virtual DMZ Deployments; Virtual Desktop (VDI); Enterprise Zone Segmentation
Key Requirements: Flexible Micro-Segmentation; Additional Layer of Security; Visibility and Operations; Audit and Compliance

Self-Service IT
Use Cases: DevOps Cloud
Key Requirements: End-to-end Programmatic Provisioning (Network, Security etc); Guard-Rails for Private Cloud

Multi-Tenant
Use Cases: SP: Multi-tenant Cloud; Enterprise: On-boarding M&A
Key Capabilities: Multi-tenant Deployment; Programmatic L2, L3, Security; Overlapping IP Addressing; Open for 3rd party cloud management

[Diagram labels: Dev X, Test A, Dev A, Test X]

(3) Total privacy for multiple tenants on a shared infrastructure
When Enterprise IT acts like a Service Provider
[Diagram: Tenant 1 and Tenant 2 in Total Isolation. Each tenant has its own Tenant firewall in front of an HR Group (DMZ/Web, DB), a Finance Group (DMZ/Web, DB) and a Services/Management Group (Services, Mgmt).]
Completely separate unrelated networks
Add advanced services based on virtual network, network segment, or security group
Differentiated network services for different tenants

(4) Compliance in Architecture, Operations and Auditing
[Diagram: Perimeter firewall and Inside firewall; DMZ VLAN, DB VLAN and Services VLAN (AD, NTP, DHCP, DNS, CERT); Finance, HR and IT workloads on each VLAN. Caption: PCI relevant customer data now isolated.]

Before:
All s on a VLAN can communicate freely
Once one is compromised, lateral movement cannot be restricted
No visibility of to traffic

Now with NSX:
Full visibility of to traffic
Micro-segmentation can granularly control apps even on shared VLAN
Ability to monitor, report and audit, e.g. with vRealize Log Insight

(5) Multi-Layer Security with 3rd party Integration
[Diagram: NSX shares Tags and Security Groups for each VM with Check Point, Palo Alto, Trend Micro, McAfee, ...]
1 Consume: Use NSX security groups in 3rd party policy rules
2 Enforce: Enforce policy rules through 3rd party physical & virtual GWs
3 Contribute: Remediate infected VMs, triggered by the 3rd party security solution

(6) Cost and Agility: Automation
Private Cloud / Self-Service IT
[Diagram: Cloud Management provisions an On Demand Application through NSX, including NSX Network & Security and 3rd party vendors. Three network types are shown: PRIVATE (no external connectivity), ROUTED (any upstream router) and NAT (any upstream router). Components shown: Web and Database VMs, Logical Switch, Logical Router, Logical Firewall, Logical Load Balancer, NAT Gateway.]

Thank you