Parallo Blog

   

Can we secure the DC with VMware?

Having recently been sniffed out at customs with an unknown banana in my bagI thought about border security. I then thought about the different areas of our business and the role we play in securing our customers environments. I discussed with the Platform specialists here, who focus on enabling our customers to modernise and leverage their investment in VMware (i.e. Automate, Orchestrate, Manage Availability and Performance)We agreed it might be beneficial to comment on a few VMware specific solutions and how they help to secure the Data Centre.  

The deeper/technical insights will be provided in follow up blogs from the specialists here, but I wanted to touch on some of the thinking. 

To help set the scene, Parallo is a longstanding VMware partner, holding a Master Competency in Data Center Virtualisation (DCV) along with numerous specialist Solution Competencies. We design, build and manage complex VMware based environments 

In my opinion, and marketing fluff aside, we now have the appropriate software and tooling to deliver a policy driven and automated Data Centre with VMware. The interesting parts to me are the edge and connecting into multi-clouds, whether that be private or public.  

Network Virtualisation and Micro segmentation play a critical part in this policy driven environment. We would love to see more adoption in Network Virtualisation (NSX), as this isn’t being deployed fast enoughIn my opinionthe key reason is that the customer isn’t readyas they certainly value it. Main reasons being budget, technical debt and/or still in planning phase for a wider transformation project. It’s certainly on the agenda in our recent discussions, and with it being a requirement for VMware Cloud on AWS (NSX-T), Multi-Cloud Security will be a hot topic for discussion. 

Although not for the masses, we’ve seen an interest in Network Function Virtualisation within TelcosMaybe Pat Gelsinger was right https://www.itnews.com.au/news/aussie-carriers-already-prepping-for-nfv-vmware-ceo-511709  

HCI deployments are on the riseNot necessarily for cost saving, but rather for ease of management and scalability. We are seeing predominately mixed workloads running on these new deployments and the default being All FlashFrom a security perspective, there are options to encrypt data at rest and in transit. I just wish there was better de-dupe across the global pool of disks ?.  

One of the hidden gems is vCloud Director. It’s a quality product and one in which I would love to see available for Enterprise customers. Having recently replaced our Cloud Hosting platform with vCD, I had the opportunity to see it’s feature rich self-service multi-tenancy capability. Unfortunately, it doesn’t support a BYOL model (for VMware) and is sold on a subscription basisIn my simple view it’s basically VMware Cloud Foundation (VCF) with multi-tenancy.  

Future looking and DC security related, I expect AppDefense, Micro segmentation, PKS and VMware Cloud Foundation (VCF) will play a larger role in our discussions moving forward, with VCF gaining more traction in the larger Enterprise customers that want the full-sized can of VMware SDDC goodness (security built in, lifecycle automation, orchestration, NSX) 

Following are some of the areas which the team will cover in subsequent blogs, so please keep an eye out. There are numerous areas which could be covered, such as EUC, MDM, PKS, SSO & Certificates etc., but best to concentrate on just a few valuable areas I believe. 

  • NSX Security (Micro segmentation, App visibility, Dynamic Network Security Policies, agentless AV and Multi-Cloud Security) 
  • AppDefense to get deep Application Visibility and protection 
  • vCloud Director and NSX 
  • vSAN Security 

It’s certainly interesting times ahead. We have the tools, capability and expertise to help our customers realise a software defined data centre. Will be interesting to reflect on this in a years’ timeWhere is your organisation at in its Software Defined journey? 

 

linkedin