20 August, 2014

Network micro-segmentation using VMware NSX

Last week VMware hosted a vExpert only Webex event. The topic was VMware's network virtualization NSX with a focus on (micro)-segmentation. The main presenter was Scott Lowe, he explained what management and security benefits micro-segmentation in can bring in general. Especially how you could keep a secure micro-segmented network environment manageable by leveraging NSX. With traditional firewall and routing solutions, network isolation or segmentation on a per business unit, per vApp or even a per VM granularity quickly becomes a painstaking management task which is on top of that very prone to error. By using NSX and deploying multiple virtual firewalls and routers (as much as the environment needs to meet the customer and/or security demands) which can al be managed from one central interface, takes away the "pain" in managing this environment. And in addition most firewall / segmentation configuration is policy based, by defining the needed policy's specific to the customers demands and applying them where needed (business unit, vApp or VM) it also mitigates the error factor enormously.
Not having any hands-on experience with NSX is a customers production environment, this presentation gave me a clear view on how to apply NSX in a environment where micro-segmentation is needed whether the business requirement is security related or otherwise related.
So if you are attending VMworld (US or Europe) make sure have some sessions around NSX in your schedule. To hear for yourself about all the awesomeness NSX is bringing !!
No Limits is the theme for 2014 VMworld, this certainly goes for network virtualization with VMware NSX.