Author Archives: NSX Team
Author Archives: NSX Team
If you work in IT, you’ve probably heard lots of talk in recent years about “zero trust,” a security strategy that requires all resources to be authenticated and authorized before they interact with other resources, rather than being trusted by default.
The theory behind zero trust is easy enough to understand. Where matters tend to get tough, however, is actually implementing zero-trust security and compliance, especially in complex, cloud-native environments.
Which tools are available to help you enforce zero-trust security configurations? What does zero trust look like at different layers of your stack – nodes, networks, APIs and so on? What does it mean to enforce zero trust for human users, as compared to machine users?
To answer questions like these, we’ve organized a webinar, titled “Zero Trust Security and Compliance for Modern Apps on Multi-Cloud,” that will offer practical guidance on configuring a zero-trust security posture in the real world.
The one-hour session will focus in particular on enforcing zero-trust in Kubernetes-based environments, with deep dives into the following:
We’re delighted to report that GigaOm, a global provider of technology industry insights and analysis, has placed VMware in the leader ring in the GigaOm Radar Report for Cloud Networking 2022. In the leader ring, VMware is placed in the Platform Play and Maturity quadrant. This is a testament to the robustness of VMware’s cloud networking solution and its leading position in the cloud networking space. Click here to download the complete report.
Noting VMware’s broad portfolio of networking solutions, which covers the entire network stack and includes native network features for observability, micro-segmentation, and beyond, GigaOm says that VMware is in a leading position to help enterprises with complex networking requirements “modernize and optimize their infrastructure.”
The report evaluates 11 vendors that provide tools or platforms to help build and operate cloud networks. They include major enterprises like VMware, as well as several smaller companies.
GigaOm assessed the vendors on a variety of criteria, including:
VMware received a triple-plus score – the highest evaluation possible – for most of the categories given above.
We’re introducing new capabilities to help our customers prepare for upgrading to the latest releases — now available with NSX-T Data Center 188.8.131.52.
To ensure that existing NSX deployments can be successfully upgraded to NSX-T Data Center 3.2.x, we have provided an NSX Upgrade Evaluation Tool that operates non-intrusively as a separate downloadable tool to check the health and readiness of your NSX Managers prior to upgrade. Using NSX Upgrade Evaluation Tool can help avoid potential upgrade failures and save time by avoiding a rollback from a failed upgrade.
In what follows, we’ll go over the details of the NSX Upgrade Evaluation Tool:
The main component of the NSX Upgrade Evaluation Tool is the database where a copy of NSX objects will be stored. The tool starts by making a secure copy of the database from an existing NSX Manager Continue reading
You’re standing in front of three doors. Door number one is big, tall, and sturdy. Nothing fancy, but seemingly safe. Door number two has more bells and whistles, fancy engravings, and twice the number of locks. Elevated security for sure, but you suspect more form over function, so you’re not entirely sold. Door number three features a winning combination of practicality and advanced locks. This one has to be the best choice, right?
You can’t see behind any door, so your choice is limited to inference. That’s frustrating. Today, choosing the right security solution for your business is no different. Bells and whistles can distract us from our core objective of ultimate, unwavering security. And old reliable doesn’t seem capable of repelling an onslaught of modern threats and distributed exposures.
Organizations need to make the right network security choice to successfully secure their networks in a highly dynamic, distributed world where it’s not a matter of if intruders will get in, but when. Turns out, the right approach is as much about philosophy as it is about technology: trust no one. But, before we get into the relationship between trust and better security, let’s begin with a review of how Continue reading
We are pleased to announce the introduction of VMware NSX Advanced Firewall for VMware Cloud on AWS, which takes the network security capabilities of VMware Cloud on AWS SDDC to a new level. Adding NSX Advanced Firewall features allows organizations to define security policies at Layer 7 while enabling deep packet inspection across all vNICS within the software-defined data center (SDDC).
NSX Advanced Firewall capabilities help you secure your applications against a never-expanding set of threats on the internet. Specifically, it includes a robust set of networking and security capabilities that enable customers to run production applications in the cloud.
This capability allows you to:
The post Introducing VMware NSX Advanced Firewall for VMware Cloud on AWS appeared first on Network and Security Virtualization.
The network is a critical component of any IT environment. When it works, it’s “normal” and few notice it. But the smallest glitch can have devastating business impacts. For over a decade, networking has been adapting to become more programmable, closer to applications, and easier to use. At the same, the number of devices increased drastically while and applications exponentially. More than ever, there is a need to adapt the network to the new paradigm of multi-cloud environments, and to make it on-demand, easy to use, and simple. The network should be transparent to applications and users, yet allow the most complex environments to communicate reliably.
Let’s dig into the three pillars of a Modern Network framework.
User experience is paramount in today’s world. Applications and data are increasingly distributed across multiple on-premises data centers and public, private, and multi-cloud environments. At the same time, users and devices (including IoT) are spreading out from a centralized corporate headquarters to branch offices, remote worksites, and, increasingly, home offices. This new reality means that, more and more, machines are talking to machines and applications are talking to applications, creating network complexity that can only be mitigated by Continue reading
Network segmentation—splitting a network into subnetworks or segments—is widely accepted to be a powerful and effective method for improving cybersecurity within the data center. Yet even though it’s acknowledged to be an essential component of network security hygiene, organizations have frequently avoided putting segmentation into practice.
Why? Because historically network segmentation has been complex, disruptive, and time-consuming to implement, requiring extensive changes to the physical network and/or network addresses. The potential impact of taking applications offline for network changes means that many organizations decide to forego this industry-wide best practice. Teams that do forge ahead often face months- or years-long effort to create security zones by re–architecting the network, relocating equipment, and re-assigning IP addresses.
It doesn’t have to be that way. Today there’s an elegant solution that greatly simplifies and accelerates network segmentation: VMware NSX Service-defined Firewall. Purpose–built to protect east-west traffic, VMware Service-defined Firewall enables segmentation without any disruptive physical network or address changes.
To back up a step, let’s examine why network segmentation Continue reading
By Susan Wu, Senior Product Marketing Manager and Yasen Simeonov, Senior Technical Product Manager, Networking and Security Business Unit
Kubernetes has become mainstream in the enterprise. In the latest Cloud Native Computing Foundation (CNCF) survey , 78% of the companies surveyed use Kubernetes in production. Containers are not only the norm but are running at scale with 34% of the organizations using 1,000 containers or more.
Given the rise in deployment, challenges remain as organizations attempt to operationalize Kubernetes.
With the latest release of VMware NSX-T and the NSX Container Plugin (NCP) we continue to address our customers’ top challenges such as security, complexity, and networking.
NSX provides the full stack networking and security across container orchestration platforms including VMware vSphere 7 with Kubernetes, Tanzu, OpenShift and upstream Kubernetes. NSX-T automates network services (distributed switching, routing, firewalling, load balancing/ingress, IPAM), and applies associated firewall policies directly at the pod level as soon as the cluster is spun up using standard Kubernetes commands. This level of simplicity and automation helps manage Kubernetes and the underlying software-defined data center (SDDC) infrastructure providing a common framework for virtualization admins and developers.
Last year, we introduced powerful new innovations that make networking more secure and intrinsic to your infrastructure. These innovations included our Service-defined Firewall and introduction of optional distributed intrusion detection and prevention (IDS/IPS).
At RSAC 2020, VMware is making it easy to learn how intrinsic security can benefit your business with opportunities to engage us in 1:1 conversations, view demos and more.
Here are 3 ways that you can learn more about intrinsic security at RSAC 2020.
Tom Gillis, SVP/GM of Networking and Security at VMware, will be speaking at the RSA Conference in a breakout session. His session covers data center and branch security approaches and will feature demos across the VMware security portfolio including NSX Data Center, VMware NSX Advanced Load Balancer, and VMware SD-WAN.
Be sure to reserve a seat for his session!
Schedule an exclusive conversation with a security executive to discuss how intrinsic security for your network and workloads can enable proactive security that’s easy to operationalize.
Meeting time slots are limited so request a meeting now.
VMworld US 2019 has come to a close. If you didn’t attend, don’t worry as we still have VMworld Europe right around the corner. Join us November 4-7, 2019 to hear experts discuss cloud, networking and security, digital workspace, digital trends and more! Register for VMworld Europe now.
Below is a quick recap and resources to check out from VMworld US 2019.
Congratulations to our NSX Intelligence team: Anirban Sengupta, Umesh Mahajan, Farzad Ghannadian, Kausum Kumar, Catherine Fan and Ray Budavari.
Surprise guest Michael Dell stopped by the Solutions Exchange to check out demos of what’s new from the networking and security business unit demoed by Chris McCain.
Below is a list of sessions that jump into the NSX Continue reading
Is it a thinktank? A forum? An incubator?
4 years ago VMware launched Future:NET with a simple idea of bringing together some of the brightest minds in networking together for an open and honest conversation about the future direction of networking.
While other networking conferences have been reduced to vendor showcases, Future:NET has banned product pitches in exchange for open debates that foster intellectual conversation among professionals across the industry.
Come join us at Future:NET 2019, a premier networking technology event, where we are bringing together everyone from enterprises, startups, and academics to debate and challenge the status quo. Wizards may predict the future, but you should plan to come and play a key role with interactive sessions and network with your peers.
This year we are continuing the tradition of open conversation on technology shifts, the organizational challenges they bring and asking the question “are we really making things simple?”. Topics range from the emergence of XaaS, integrated operation models (SOCs vs NOCs), and the effect of 5G, LISP, and v6 on networking. Join experts from Microsoft, AWS, Stanford, and more as they drive deep technical discussions on the future of the Continue reading
This blog will be part of a series where we start off with a basic re-introduction of VMware AppDefense and then progressively get into integrations, best practices, mitigating attacks and anomaly detection with vSphere Platinum, vRealize Log Insight, AppDefense and NSX Data Center. Before we get into the meat of things, let’s level-set on a few core principles of what VMware believes to be appropriate cyber hygiene. The full white paper can be viewed here.
The SWIFT Controls Framework was created to help customers figure out which controls are needed to better secure their SWIFT environment. The SWIFT security controls framework is broken down into objectives, principles, and controls. The three objectives are “Secure your environment, Know and Limit Access, and Detect and Respond”.
Customers interested in exploring VMware product alignment with the SWIFT framework should evaluate the end-to-end solution. This includes VMware products, as well as other technology that support a customer’s SWIFT platform. The following is a high-level alignment of some of the SWIFT framework controls and VMware products.
As part of a SWIFT deployment, a secured and zoned off environment must be created. This zone contains the SWIFT infrastructure that is used for all SWIFT transaction. Two SWIFT Principles that we will discuss are
These controls are required to be enforced on the SWIFT infrastructure. SWIFT requires that all traffic from the general IT infrastructure to the SWIFT zone be as restricted as possible. They also Continue reading
Is your network ready for applications, automation, multi-cloud, containers and more? Here’s a truth bomb for you: the network that got us here today is not sufficient for tomorrow. Sorry to be sardonic, but here are the facts: today, new business models, cloud adoption, and the explosion of connected devices are now must-haves for organizations that are prioritizing digital transformation initiatives. But legacy network approaches rooted in hardware just don’t cut it anymore; technology is rapidly shifting and improving at a rate that is undeniably fast. To keep up, modern networks must be able to support operations across data centers, multiple clouds, branch locations, and edge devices while prioritizing security for the ever-growing amount of application data that flows from every point within a network.
Despite these shifts and needs, many organizations do not have a unified approach to management, automation, and security. Do you know if your network does? Find out how software-first networking can transform your business.
The Virtual Cloud Network Readiness Assessment can help you assess the current state of your network and security – for free. By answering a few questions in this 10-minute survey, you’ll get a personalized report that Continue reading
With fall in the air, many of us are in the planning stages for big improvements for the year ahead. If your IT team is feeling pressure to increase agility, stay productive and help your company innovate, then you won’t want to miss these sessions to get a head start on the latest approach to networking and security.
Traditional, hardware-based approaches to networking and security are pedantic, inflexible, and notoriously slow-moving. At the same time, the complexity around applications, services and data is increasing, while new, more sophisticated and ever-evolving threats are also in the mix – making IT teams responsible for more environments than ever before (data, cloud, branches, and the edge, oh my!). That’s all to say, there’s a lot to solve for. Luckily the NSX team has your back.
Some of the best things in life are at our fingertips: grocery delivery, the ability to schedule a cleaner with just a few clicks, hailing and tracking drivers from your phone – and now we’d like to add instantly and conveniently accessing information that can completely transform your organization’s IT infrastructure – all from the comfort of your own laptop, from wherever you happen to be.
That’s right – this year, VMware is delighted to present an online event designed to give you all the information you’ll need to help inspire serious changes to IT infrastructure within your organization. This half-day virtual IT event will feature incredible insight from vExperts that’s sure to inspire and educate IT professionals who are itching to deliver serious digital transformation around how to modernize data centers, integrate public clouds, transform networks and security, and secure digital workplaces.
Tuesday, October 9, 2018
9:00 am – 2:00 pm PDT / 12:00 pm – 3:00 pm EDT
The robust agenda and stellar lineup boasts everything from education and inspiration to actual implementation, including:
Business moves fast in today’s digital landscape. Applications, services, and data are becoming more distributed, while threats are becoming more sophisticated. From data centers and the cloud to branches and the edge, IT teams are responsible for more environments than ever before, and the complexity is only increasing.
If your IT organization is under pressure to stay productive, increase agility, and help the business innovate, you know that expectations are high. You’re on the hook to:
Traditional, hardware-based approaches to networking and security can’t help you do all that. They’re inflexible and slow-moving; they require time-consuming manual intervention; they can’t connect and protect all the apps your business needs. That’s why it’s time to reinvent the network…in software.
Our digital, app-centric world can be daunting, but a programmable network was built to meet these changing demands and evolve right along with them. VMware NSX® delivers the foundation for a Continue reading
We have done a series of blogs on NSX Cloud in the last couple of weeks and the response has been great! We have customers who have purchased licenses already and are on-route to deployment, customers with whom we have completed POCs successfully, and a pipeline that looks promising. Meanwhile, recognitions continue to flow from all sides, CRN rated NSX Cloud as one of the 10 best SDN solutions for 2018 and NSX Cloud was judged as Best of Show runners-up in the cloud computing category at Interop Tokyo. With all this excitement and VMworld around the corner, we couldn’t help but write again to provide more updates. So, here we go!
Before reading on, if you would like to quickly go over past blogs, here is your single pane of glass to past blogs *wink*. You can find a high-level overview of VMware’s vision for Virtual Cloud Network and how NSX Cloud fits into the broader vision over here. If you are like, duh! I know that, can you just give me an overview about NSX Cloud… we hear you and this is where you could go to refresh your memory on NSX Cloud. If you are Continue reading
If you’ve wanted to learn about VMware NSX, a L2-L7 networking and security virtualization platform entirely in software, and didn’t know where to start, this is the guide for you. Already an NSX user, and want to improve on your skills? This is also a great resource to becoming an NSXpert!
VMware NSX is a network virtualization and security platform that offers a rich, full-stack of L2-L7 networking services such as routing, switching, load balancing, and firewalling to connect, protect, automate, and manage workloads across private, public and hybrid cloud environment as well as branch and cloud edge environments.
The VMware NSX portfolio consists of a complete set of networking and security offerings designed to address customer use-cases supporting workloads based on virtual machines (VMs), containers, and bare-metal.
Here are the core components of the NSX portfolio:
VMware NSX is going worldwide! We’ll be out and about through the end of the year, spreading networking and security love across America, Asia Pacific, and Europe. Our goal is to help agile organizations move toward a Virtual Cloud Network with consistent connectivity, branch optimization, and security across all infrastructure.
Whether we’ll be at a booth, product demo, talk, or otherwise – we want to connect! Join us at any of the major conferences and NSX upcoming events listed below to chat with our product experts. And, if you think you’ll be in attendance, be sure to tweet at us to let us know!
Checkpoint CPX – 2/4
When: February 2 – 4, 2019
Where: Las Vegas, NV
Click here to learn more
Networking Field Day – 2/13
When: February 13 – 15, 2019
Where: Palo Alto, CA
Click here to learn more
Mobile World Congress – 2/25
When: February 25 – 28, 2019
Where: Barcelona, Spain
Click here to learn more
RSAC – 3/4
When: March 4 – 8, 2019
Where: San Francisco, CA
Click here to learn more
Cisco Live APJ– 3/5
When: March 5 Continue reading