The ability to add context is something that practically all IT Practitioners pursue. When attempting to break an application down into its component parts, any additional contextual data is invaluable. NSX and the Service Composer assists with the contextualization of your applications.
In the instalment of the Getting More Out Of NSX series, we will explore the depths of what can be done with Service Composer to assist with the definition of micro-segmentation security policy. You will learn:
Geoff Shukin
Senior NSX System Engineer
VMware
Geoff Shukin is a Senior Sales engineer in VMware’s NSBU organization and has responsibilities in the Pacific North West Region. Prior to joining VMware, Geoff opened up the Western Canadian Territory for a little security startup called Palo Alto Networks. Geoff is focused on helping customers seeing things differently and challenging the status quo. Geoff is based in Calgary where he spends most of his time in the hockey rink.
It is widely agreed that in security, limiting the scope to what an application or user requires to do their job is the best method to reduce risk. The challenge is often learning and defining what an application truly needs to work correctly. Most organizations find that this technical debt is rarely paid in full. One method to learn what an application needs to work correctly is to watch what it does and build a set of rules from that data. This is where vRNI comes in and helps this process.
In this instalment of Getting More Series we will dive deep into vRNI and its uses to assist with your micro-segmentation planning and implementation. You will learn:
Tim Davis
Sr. Systems Engineer, NSX Enterprise
VMware
Tim Davis is a Senior Systems Engineer for VMware. He currently specializes in NSX, but has a background in vSphere and VDI architecture. His key engagements as a presenter have been at VMworld, VMUG, and on the vBrownBag podcasts.
Do you have a hard time visualizing PCI compliance of your datacenter? Are you using NSX for micro-segmentation? In this session, we will focus on VMware NSX as a framework protecting PCI assets in your VMware environment. Then we use vRealize Network Insight (vRNI) to provide the visualization and monitoring of those assets to validate compliance to specific PCI objectives.
In this installment of the Getting More Out Of NSX series, we will focus on how we can use vRNI to assess compliance for an NSX environment. You will learn:
Mason Ferratt
Sr. Systems Engineer, Network & Security Business Unit
VMware
Mason Ferratt's real life is anything but virtual. When he is not soaking up the San Diego sun with his family, he is providing customers a clear understanding of the value VMware NSX technology brings to the virtual world. This includes understanding of customer network/cloud related problems, architecting solutions integrated with their environment and discussing both technical and business values of Network Virtualization with NSX. He has over 20+ years in the IT networking industry - enterprise, service provider, private/public sector, and vendors (large, small, startup). He holds engineering degrees from GWU and UVA, a number of vendor certifications in his pocket, and also served in the US Army. Be gentle (and patient)
Enforcing a whitelisted application policy, where zero trust architecture is the default, is the goal for most of us. However, getting even a single workflow identified and a ruleset created for it can be a real challenge. How do you get started? In this session, we will look at the built-in tool that VMware NSX provides to help simplify the process of micro-segmentation workflows by evaluating current applications and creating a whitelisted rule base for you to enforce. It is the easy button! The tool is called Application Rule Manager (ARM) and was introduced in VMware NSX version 6.3. ARM correlates specific user-defined and real-time flow information between a workload, so a security model can be built around it without making compromises or adding complexity in defining the actual communication. This quick targeted modeling of an application significantly reduced time to value and enables you to begin enforcing a whitelist policy in your data centers.
In this instalment of the Getting More Out Of NSX series, we will explore the ease of use to provide targeted modeling of an application based on live flows and the ability to apply specific rules to enable micro-segmentation.
You will learn:
Kevin Fletcher
Sr. Systems Engineer
VMware
Kevin Fletcher is a Sr. System Engineer in VMware’s NSBU organization based out of Southern California. Kevin has over 15 years of experience ensuring customers have secure and scalable data centers. Over the last couple of years, Kevin has been focused on helping customers tackle the speed, agility and scale challenges of their distributed applications with virtualized services across private and public clouds.