Virtualize your Network with
VMware NSX
NET3305-S
Martin Casado, VMware, Inc
CONFIDENTIAL 2
Disclaimer
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Guidance from Giants
Traditional Data Center
• Any Application
• L2/L3 or Proprietary Network
• Security, Fault Isolation, Service Chaining, Discovery, Load balancing
• Opex/Capex = $$$$
• Innovation = HW design cycle
Modern SaaS Data Center
• Custom Application
• IP Network
• Security, Fault Isolation, Service Chaining, Discovery, Load balancing
• Opex/Capex = $
• Innovation = SW design cycle
What is VMware NSX?
[Diagram label: Internet]
VMware NSX Momentum: Customers
• 4 of 5 top investment banks
• Leading global enterprises & service providers
Three Reasons Companies Virtualize Their Network…
1. Speed – On Demand Apps and Services
2. Economics – Opex Efficiency & Capex Cost Savings
3. Security – Re-Architect Datacenter Security
Security Use Case
A Picture of Diminishing Returns
The only thing outpacing security spend is security losses
[Chart: IT Spend, Security Spend and Security Breaches, 2010 to 2013]
A Modern Attack
Phase 1: PREP
• 1. Human Recon
• 2. Attack Vector R&D
• 3. Primary Attack
Malware/attack vectors tested against known signatures & are often VM-aware
Phase 2: INTRUSION
• 4. Compromise Primary Entry Point (Phishing, Waterholes, etc.)
• 5. Install Command & Control I/F
• Strain A: Active
• Strain B: Dormant
Leverage endpoints that circumvent perimeter controls
Phase 3: RECON
• 6. Escalate Privileges on Primary Entry Point
• 7. Lateral Movement
• 8. Install C2 I/F, Wipe Tracks, Escalate Priv
• Strain A: Active
Leverage hyper-connected computing base, accessible topology info & shared components
Phase 4: RECOVERY
• 9. Wake Up & Modify Next Dormant Strain
• Strain A: Active
• Attack Identified
• Response
• Strain B: Active
• Strain C: Dormant
Sensor, alerts and logs easily accessible
Phases 5 and 6: ACT ON INTENT, EXFILTRATION
• 10. Break into Data Stores
• 11. Parcel & Obfuscate
• 12. Exfiltrate
• 13. Cleanup
Exploit weak visibility and limited internal control points
The modern kill chain is highly targeted, interactive, and stealthy
A Modern Kill Chain
… is highly targeted, interactive and stealthy
Phases: 1 PREP, 2 INTRUSION, 3 RECON, 4 RECOVERY, 5 ACT ON INTENT, 6 EXFILTRATION
Steps:
• 1. Recon
• 2. Attack Vector R&D
• 3. Primary Attack
• 4. Compromise Primary Entry Point
• 5. Install Command & Control (C2) I/F
• 6. Escalate Privileges on Primary Entry Point
• 7. Lateral Movement
• 8. Install C2 I/F, Wipe Tracks, Escalate Priv.
• 9. Wake Up & Modify Next Dormant Strain
• 10. Break into Data Stores
• 11. Parcel & Obfuscate
• 12. Exfiltrate
• 13. Cleanup
Strains: Strain A Active, Strain B Dormant; Attack Identified, Response; Strain B Active, Strain C Dormant
Perimeter-Centric
80% of resources focused on preventing intrusion
Limited visibility and control inside the datacenter to detect and respond to attacks
Micro-Segmentation with NSX
Problem: Data Center Network Security
Perimeter-centric network security has proven insufficient, and micro-segmentation is operationally infeasible
Little or no lateral controls inside perimeter
[Diagram labels: Internet; Insufficient; Operationally Infeasible]
Using Network Virtualization For Micro-Segmentation
[Diagram labels: Internet; Perimeter Firewalls; Cloud Management Platform; Security Policy]
Looking Into the Future
The “Goldilocks Zone”
Too Hot / Too Cold
Trading Off Context and Isolation
Software Defined Data Center (SDDC)
[Diagram labels: Any Application; SDDC Platform; Any x86; Any Storage; Any IP network; Data Center Virtualization]
• High Context, Low Isolation
• High Isolation, Low Context
• No Ubiquitous Enforcement
Traditional Approach
Delivering Both Context and Isolation
Software Defined Data Center (SDDC)
[Diagram labels: Any Application; SDDC Platform; Any x86; Any Storage; Any IP network; Data Center Virtualization]
• High Context
• High Isolation
• Ubiquitous Enforcement
Secure Host Introspection
Broad Impact Across Many Security Verticals
• Vulnerability Management: Gain previously impossible vulnerability intelligence based on application purpose, data class and user roles to drive rich, policy-driven response, including in-place quarantine.
• Malware Protection: Real-time, dynamic threat response that follows applications as they migrate between hosts, data centers and cloud environments.
• Network Protection: Leverages platform to move IPS features from dedicated edge function to distributed enforcement with rich, policy-driven response, including in-place quarantine.
Thank You
VMworld 2014: Virtualize your Network with VMware NSX
