Engineers from La Salle-URL share the latest news and projects in the field of network solutions in telematic engineering.

22 April 2021 | Posted by userDataCenter

NSX microsegmentation

Network virtualisation has completely changed the way people work.  NSX are industry leaders and offer a complete network virtualisation and security platform from Layer 2 to Layer 7.

We know that while there may be good data centre perimeter defences, they are not foolproof - there are still threats that can breach the defences by exploiting legitimate user access, and once inside, there are not enough controls to prevent hackers from moving from server to server.

Keeping up with all the changes in the FW with virtual machines being created, moved and deleted all the time is not easy. A security strategy must be achieved from the centre that is trusted zero. This strategy does not work like traditional firewall management, it is much more automated and is built into the software-defined data centre.

We can make one part of the virtual machine for one type of traffic and another for another and apply appropriate controls on each part. Given this breakdown, the following scenarios can occur:

- Machine moves, policies go with it.

- The machine is removed, the policies are removed.

- A vulnerability is identified on the machine, the attributes of the virtual machine are dynamically updated and quarantine controls are applied whereby it is set aside and under supervision.

Virtual networks are therefore isolated by default and with them a basic firewall. But these firewalls can have more advanced and state-of-the-art capabilities applied to them, as they are implemented on the NSX platform by many manufacturers such as Palo Alto, F5, Fortinet... As they are already integrated into the NSX platform, you can take advantage of automated provisioning.

Alba & Rafa

Share

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
9 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.