Can we secure the DC with VMware? - Blog | Parallo
- By Shaun WebberHaving recently been sniffed out at customs with an unknown banana in my bag, I thought about border security. I then thought about the different areas of our business and the role we play in securing our customers environments. I discussed with the Platform specialists here, who focus on enabling our customers to modernise and leverage their investment in VMware (i.e. Automate, Orchestrate, Manage Availability and Performance). We agreed it might be beneficial to comment on a few VMware specific solutions and how they help to secure the Data Centre.
The deeper/technical insights will be provided in follow up blogs from the specialists here, but I wanted to touch on some of the thinking.
To help set the scene, Parallo is a longstanding VMware partner, holding a Master Competency in Data Center Virtualisation (DCV) along with numerous specialist Solution Competencies. We design, build and manage complex VMware based environments.
In my opinion, and marketing fluff aside, we now have the appropriate software and tooling to deliver a policy driven and automated Data Centre with VMware. The interesting parts to me are the edge and connecting into multi-clouds, whether that be private or public.
Network Virtualisation and Micro segmentation play a critical part in this policy driven environment. We would love to see more adoption in Network Virtualisation (NSX), as this isn’t being deployed fast enough. In my opinion, the key reason is that the customer isn’t ready, as they certainly value it. Main reasons being budget, technical debt and/or still in planning phase for a wider transformation project. It’s certainly on the agenda in our recent discussions, and with it being a requirement for VMware Cloud on AWS (NSX-T), Multi-Cloud Security will be a hot topic for discussion.
Although not for the masses, we’ve seen an interest in Network Function Virtualisation within Telcos. Maybe Pat Gelsinger was right https://www.itnews.com.au/news/aussie-carriers-already-prepping-for-nfv-vmware-ceo-511709
HCI deployments are on the rise. Not necessarily for cost saving, but rather for ease of management and scalability. We are seeing predominately mixed workloads running on these new deployments and the default being All Flash. From a security perspective, there are options to encrypt data at rest and in transit. I just wish there was better de-dupe across the global pool of disks ?.
One of the hidden gems is vCloud Director. It’s a quality product and one in which I would love to see available for Enterprise customers. Having recently replaced our Cloud Hosting platform with vCD, I had the opportunity to see it’s feature rich self-service multi-tenancy capability. Unfortunately, it doesn’t support a BYOL model (for VMware) and is sold on a subscription basis. In my simple view it’s basically VMware Cloud Foundation (VCF) with multi-tenancy.
Future looking and DC security related, I expect AppDefense, Micro segmentation, PKS and VMware Cloud Foundation (VCF) will play a larger role in our discussions moving forward, with VCF gaining more traction in the larger Enterprise customers that want the full-sized can of VMware SDDC goodness (security built in, lifecycle automation, orchestration, NSX).
Following are some of the areas which the team will cover in subsequent blogs, so please keep an eye out. There are numerous areas which could be covered, such as EUC, MDM, PKS, SSO & Certificates etc., but best to concentrate on just a few valuable areas I believe.
- NSX Security (Micro segmentation, App visibility, Dynamic Network Security Policies, agentless AV and Multi-Cloud Security)
- AppDefense to get deep Application Visibility and protection
- vCloud Director and NSX
- vSAN Security
It’s certainly interesting times ahead. We have the tools, capability and expertise to help our customers realise a software defined data centre. Will be interesting to reflect on this in a years’ time. Where is your organisation at in its Software Defined journey?