April 15, 2015
Next week at RSA Conference, VMware said it will “showcase” how VMware NSX, when deployed with AirWatch EMM or VMware Horizon, addresses the enterprise security challenge of over-provisioned data centre access through the use of network micro-segmentation.
According to the company, this combination creates an individualized virtual network that allows users or groups to access only the specific applications within the data centre to which they are authorized.
It added that the model can prevent users from accessing or even seeing resources that exist within the data centre to which they are not entitled.
“Organizations typically provide user access through a secure VPN gateway connection into the cloud data centre where applications and data reside,” it said.
“Once inside the data centre, however, users can gain nearly unlimited access to all of the resources inside of the data centre. Modern attacks exploit this perimeter-centric defence strategy by ‘hitching a ride’ from authorized users using completely secure connections, then moving laterally within the data centre between workloads with little or no controls to block propagation.”
Brad Casemore, research director, Datacenter Networks at IDC, said as organizations move toward Third Platform adoption, “they will expose more of their data centre resources to an increasing number of devices and users. This will introduce increased risk, and require a reassessment of data centre security strategies. Highly-segmented virtualized data centre networks, combined with identity-based end point security, represents a step forward in solving some Third Platform security challenges.”