There has been a tremendous number of articles, case studies and news events written about cyber security incidents thus far in 2018. From retailers to healthcare to manufacturing, all industries have been affected by these phenomena. The bad news is that it is only going to get worse. As I look at trends and threat landscapes, it has become evident that you will have no peace of mind until you have an ultra-secure environment and an in-depth training curriculum for your employees. When it comes to cyber security, the weakest link is human interaction. What does this mean? It simply means that it takes a human to execute an application or navigate to a malicious website. Though human interaction is impossible to control, there is hope.
VMware’s NSX is a product that has been around for a while, has stood the test of many case studies and continues to improve. NSX simplifies an environment from infrastructure to routing and switching. All components are included to make an environment secure, stable and elastic. NSX is simple to configure, but you will want someone with experience to get you started. Once the basics are installed, there is a number of ways NSX will benefit you.
Multiple roles are shipped with NSX to help consolidate and secure your virtual environment. These roles are micro-segmentation, VPN-SSL, L2/L3 switching, zero-trust DMZ and load-balancing. Micro-segmentation is a way of implementing ACL’s on your virtual workloads in order to prevent unauthorized access to a database server via a web server. You can segment traffic based on roles or importance of workload. Micro-segmentation plays very well with VDI workloads. vRealize Network Insight will help you determine the extent of which your virtual machines are communicating with each other across the network and on the Internet. VPN-SSL, another security mechanism, allows your remote users to access company resources. L2/L3 (layer 2 [switching] and layer 3 [routing]) allows you to expand the capabilities of your physical environment and create virtual interfaces and virtual networks. Essentially, you can decrease your TCO and increase your ROI by implementing a single router at the edge and utilize VXLAN capabilities in the VMware environment, thus removing your physical switches. Zero-trust DMZ, a security feature, forces all traffic to be inspected whether it is trusted or not. An example of when this would be useful is when a company acquires another. You have the trust of the company, but their environment may be configured in a way you are not comfortable with. Let’s say the company you just acquired uses the same IP scheme you do, this will invariably cause IP conflicts, but using the routing and switching mechanisms in NSX, on both sides, allows you to have end to end connectivity without issues. Finally, load balancing can also be classified as an additional security mechanism. Load balancing is not just used for performance as many think. The “reverse proxy” feature in load balancing prevents a malicious attacker from accessing the contents of the web server. Load balancing will also increase your website or application up-time to increase performance and productivity, thus increasing your bottom line! As I stated above, NSX can reduce your TCO, increase your ROI and also help to minimize the likelihood of your company or assets being infiltrated or attacked by a malicious party.
An added feature is the ability for NSX to tie in with VMware on AWS. Coupled with RecoverPoint 4, VM or SRM will give your business the high availability it needs in the event of a data center blackout.
If you, as a CIO, CSO, IT Director, IT Manager or Network Engineer would like to hear more about how NSX can benefit you, please contact us here.