Combination of VMware NSX With AirWatch or VMware Horizon Helps Reduce Security Threats From Over-Provisioned Access Inside the Data Center With Network Micro-Segmentation
PALO ALTO, CA–(Marketwired – April 15, 2015) – VMware, Inc. (NYSE: VMW), the global leader in virtualization and cloud infrastructure, today announced the company is transforming hybrid cloud security for mobile end users through the combination of VMware NSX™ network virtualization and the company’s business mobility solutions, AirWatch® by VMware and VMware Horizon®.
Next week at RSA Conference, VMware will showcase how VMware NSX, when deployed with AirWatch EMM or VMware Horizon, addresses the enterprise security challenge of over-provisioned data center access through the use of network micro-segmentation. This unique combination creates an individualized virtual network that allows users or groups to access only the specific applications within the data center to which they are authorized. This model can prevent users from accessing or even seeing resources that exist within the data center to which they are not entitled. Through this unique combined solution, IT can help minimize security threats resulting from over-provisioned access that is common with traditional gateway VPNs.
“VMware is a driving force in helping to evolve security inside the data center through micro-segmentation with VMware NSX, and on the device level through capabilities such as per-application VPN,” said Noah Wasmer, vice president of product management and CTO, End-User Computing, VMware. “Today we are bringing the power of these two solutions together to deliver the ability to implement a fully-segmented virtualized data center network that meets the unique challenges presented by today’s mobile end users.”
Micro-segmentation: Better Security with a Software-Defined Data Center Approach
Organizations typically provide user access through a secure VPN gateway connection into the cloud data center where applications and data reside. Once inside the data center, however, users can gain nearly unlimited access to all of the resources inside of the data center. Modern attacks exploit this perimeter-centric defense strategy by ‘hitching a ride’ from authorized users using completely secure connections, then moving laterally within the data center between workloads with little or no controls to block propagation. As more and different types of devices are coming into businesses, IT requires a solution that solves this over-provisioned access challenge to provide secure, restricted access to only the resources to which users are entitled.
VMware NSX helps solve this challenge through network micro-segmentation inside the data center. The VMware NSX approach to securing user access offers several advantages over traditional security approaches — automated provisioning, automated move/add/change for workloads, distributed policy enforcement at every virtual interface and in-kernel, scale-out firewalling distributed to every hypervisor or virtual desktop and baked into the platform.
- Deploying VMware NSX with AirWatch Enterprise Mobility Management – combining AirWatch identity management and per-app VPN controls with VMware NSX network virtualization completes the security bridge from the device to the data center. This solution enables IT to assign exact data center resources to specific applications based on the organizational groups already set up through AirWatch EMM. The permissions set by IT can prevent the enterprise from overexposing data center information to applications on any device while still empowering the mobile user with the corporate resources they need to do work efficiently and effectively. The combined solution also gives admins greater visibility into what mobile users can access and eases change management as new applications come online.
- Deploying VMware NSX with Horizon – this solution enables effective firewalling for each virtual desktop at a VM level, preventing the spread of threats from desktop to server as well as desktop to desktop. Security policies can be created based on individual users or logical groupings, rather than being tied to rigid network topologies, and VMware NSX streamlines and simplifies configuration of security policies based on types of users (e.g., engineering, HR, finance) and types of data being accessed (e.g., credit card, payroll). Because mobile and virtual desktop sessions are more dynamic than server workloads, static security policies are far less effective. VMware NSX simplifies and automates application of network and security policies to users or virtual desktop pools.
- “As organizations move toward Third Platform adoption, they will expose more of their data center resources to an increasing number of devices and users. This will introduce increased risk, and require a reassessment of data center security strategies. Highly-segmented virtualized data center networks, combined with identity-based end point security, represents a step forward in solving some Third Platform security challenges. With this solution, VMware is helping customers begin to address these challenges today.” – Brad Casemore, research director, Datacenter Networks, IDC
- “There is enormous potential for increased and precise security with the combination of VMware NSX™ with AirWatch® by VMware and Horizon® to provide micro-segmentation from the device into the data center. This solution addresses over-provisioning inside the data center as more workers use mobile applications to access critical business data.” – Bob Egan, CEO and founder, The Sepharim Group
VMware at RSA Conference 2015
Attendees of the RSA Conference can learn more about how VMware NSX can help improve security for mobile users and virtual desktops at Moscone Center in the south hall, booth #1315. On Thursday, April 23 at 10:20 a.m. in Moscone North Room 130, VMware will present on “Limiting the Spread of Threats: A Data Center for Every User.”
- VMware’s Noah Wasmer details this news in a video blog on Tribal Knowledge
- Watch this video and read this blog about how VMware NSX makes micro-segmentation economically and operationally feasible for securing virtual desktops
- Read this blog about how network security is the hidden gem of VMware NSX network virtualization
- Learn how to #VirtualizeYourNetwork and keep up with VMware NSX on Facebook, Google+, Twitter and YouTube
- Interact with AirWatch on Twitter, Facebook, Google+, and LinkedIn
VMware is a leader in cloud infrastructure and business mobility. Built on VMware’s industry-leading virtualization technology, our solutions deliver a brave new model of IT that is fluid, instant and more secure. Customers can innovate faster by rapidly developing, automatically delivering and more safely consuming any application. With 2014 revenues of $6 billion, VMware has more than 500,000 customers and 75,000 partners. The company is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com.
VMware, VMware NSX, Horizon and AirWatch are registered trademarks or trademarks of VMware, Inc. and its subsidiaries in the United States and other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. The use of the world “partner” or “partnership” does not imply a legal partnership between VMware and any other company.