Ensuring Security Posture In A Multi Cloud World: A NSX(mas) Carol

Ensuring Security Posture In A Multi Cloud World: A NSX(mas) Carol

This post was originally published on this site ---

Holidays are a great time of year to take a moment and reflect. In 2018 at VMware Networking & Security, we’ve had yet another exciting year for us—we’re very proud of many achievements. For example, NSX now being deployed by 82% of Fortune 100 companies is a substantial industry adoption data point.  But rather than focus on those numbers, I wanted to take a moment to highlight one of our biggest accomplishments this year (in my opinion). Oh, and in case you missed some of those 2018 highlights, you can catch a replay of Tom Gillis’ keynote Building the Network of the Future with the Virtual Cloud Network from VMWorld US 2018.

 

NSX Past

 

Earlier this year (the end of April to be precise), at Dell Technologies World, we had our external launch of the Virtual Cloud Network. The problem statement was simple: our customers were embarking on a digital transformation journey in their respective lines of business and with those efforts came challenges around a new level of networking complexity. Their goal within their organizations was to move from centralized data centers to hyper-distributed centers of applications and data, typically spanning multiple locations, multiple geos, and most likely of them all, multiple clouds. To address this challenge, the network must evolve to deliver an everything-to-everything connected architecture across private data centers, public clouds, telecommunications networks, branches, and mobile endpoints.

On the surface, some folks may have perceived the launch to be nothing more than just some product rebranding. Admittedly, while we did welcome some new/existing products into the NSX family (which was covered in our launch blog) the Virtual Cloud Network was way less about the products and product pitch, and in my opinion, way more about the acknowledgement of execution around a strategy and vision for networking and security here at VMware. Two years ago I would never have been able to post the slide below because it was marked “internal” and “confidential” in large red lettering. But to bring this point home, especially for you customers out there who have been through an NSX update or roadmap session, hopefully you can vouch for us and confirm: this is the image of what we used to talk about as roadmap:

 

NSX Present

Fast forward to today and voilà, we have the Virtual Cloud Network, powered by NSX, delivering multi-cloud networking, security, and management capabilities, which provide a common operating model from the data center to the cloud to the edge. Last week was Security Field Day in Palo Alto, CA. and some of our team from the Networking and Security Business Unit were asked to present. In the giving spirit of the holiday season, one gift we want to bring to you readers to kick off 2019, is a new demo focused on the networking and security of hybrid cloud applications.

What exactly does that mean? In a nutshell, the following demo will showcase how NSX is able to provide micro-segmentation for an EMR application that has components running in both an on premises data center and in the public cloud.

As many of you know, NSX Data Center provides security and network capabilities for many different types of workloads customers have in their environments (virtual machines, containers, bare metal servers). NSX Data Center provides a consistent security policy across all of these different platforms, protected through the NSX Data Center Distributed Firewall interface.

For workloads that exist in native public clouds or VMware cloud partner destinations, NSX Cloud extends native cloud functionalities to NSX Data Center to provide native cloud workloads these similar security policies. These security policies can all be managed regardless of location and with similar capabilities that typical on-prem workloads are already accustomed to. More information on NSX Cloud can be found here, but we’re very proud to highlight that the product is the only solution to be featured in both the AWS Solution Space & Azure Marketplace.

Let’s now see how NSX Data Center and NSX Cloud provide these security and networking policies, and how easy it is to apply and verify that a customer workload is receiving the same security posture consistently, regardless of its location, either on or off premises. But first, let’s take a peek at our simple demo application:

  • Web Tier – 3 Virtual Machines (two servers in DFW Datacenter, one server in Azure)
  • Database Tier – 1 Virtual Machine (in DFW Datacenter)
  • The entire application is front-ended with a NSX Load Balancer

We have done our best to break the demo down into five simple steps.

  1. Cloud Services Manager Configuration
  2. Verify NSX Manager Configuration
  3. Verify and modify NSX Firewall
  4. Test EMR App
  5. Verify NSX Load Balancing

Without further ado, our NSX Cross Cloud Networking and Security demo:

This demo is also available in a self-paced click-through format, alongside a number of other demos and external resources, available on our Networking and Security demo www.vcndemo.com website.

NSX Yet to Come

What’s next? Customers choose to #RunNSX because it delivers network and security services closest to the application no matter where the application resides. Expect us to continue to deliver on this simple yet powerful design principle, and while I can’t disclose all of our upcoming announcements in a “futures” section (or my future here at VMware will be shorter than everyone’s January gym attendance), just know that we have planned some really cool new and exciting announcements in 2019! And while you are hopefully enjoying some holiday relaxation time, give yourself the gift of learning. Try our Hands On Labs for all the NSX platform solutions, which are available at http://labs.hol.vmware.com/

The post Ensuring Security Posture In A Multi Cloud World: A NSX(mas) Carol appeared first on Network Virtualization.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.