Why Consider Virtualizing Your Network?
Lately network security has certainly come under the microscope of the general public with several large-scale security breaches from major corporations, such as Target, Home Depot, and Apple just to name a few. If such large organizations with millions of dollars in their IT budget cannot prevent these breaches, how can an SMB secure their network with a significantly lower IT budget? That thought is particularly concerning when you consider that approximately 60% of small businesses close within six months of a cyber attack according to the U.S. House Small Business Subcommittee on Health and Technology.
Is there something fundamentally insecure with the secure perimeter we are building around our data centers? Recent security breaches indicate that having a secure perimeter around your data center is not enough to prevent attacks to your systems and data breaches. Attacks can still penetrate our network by attacking lower priority systems, which typically have lower security. These attacks then move laterally across the network until landing on a critical server to extract data.
The traditional perimeter centric strategy leaves a huge hole offering zero protection inside the data center to contain lateral propagation of threat. Security distributed inside the data center is needed to prevent these lateral threats. However, this approach has typically not been taken, because the cost to maintain a physical security appliance between every system in a data center is cost-prohibitive even for the largest corporations.
Luckily, the emergence of network virtualization provides the opportunity to make security inside the perimeter financially viable and a complement to the physical hardware firewalling the perimeter. VMware is once again poised to be the leader of the pack with their NSX network virtualization platform. VMware’s NSX goes beyond simply offering vLANs and enables the entire network to be virtualized just as vSphere enables server virtualization.
Perhaps most fundamental to the core of the virtualized network is NSX’s micro-segmentation feature. Micro-segmentation provides security inside the network via a stricter, micro-granular security model. This model enables security to be assigned to individual workloads within the perimeter, and these policies can be provisioned automatically. Essentially, this micro-segmentation is the equivalent of deploying a physical firewall per workload.
NSX provides also provides features that significantly improve ease of network deployment and management. For example, NSX’s programmatic programming enables IT departments to reduce the network provisioning delivery time from weeks to months and removes the operational barrier to innovation that the network has traditionally caused.
For information on how Aventis Systems can help implement, integrate, and deploy your network, read about our Network & Security Solutions.