Upload
vmware
View
799
Download
0
Embed Size (px)
Citation preview
MODERN SECURITY FOR THE MODERN DATA CENTERWhy Micro-segmentation Is Trending Across the Industry
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSIONINTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
Your Data Center Is At RiskAs data center breaches continue to rise, many IT
organizations are moving to a more secure model:
micro-segmentation enabled by network virtualization.
Here’s why.
2M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
The Cost of a Data Breach Has Never Been HigherToday, security breaches are more expensive than ever. The average data breach costs: 1
1 2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute
$3.79M total
$154 per lost or
stolen record
23% more than a data
breach in 2013
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
3M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
What Does It Take to Protect Against Modern Threats?• Security inside the data center
• An agile, comprehensive solution
• Secure network traffic
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
4M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Perimeter-Centric Security Doesn’t Measure Up• Physical firewalls are expensive and
difficult to maintain
• Physical devices are slow and can’t be everywhere at once
• Perimeter security leaves east-west traffic exposed
Traditional Data Center Security
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
5M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
The Zero Trust ModelIf traditional security doesn’t work, what do data centers need to stay secure?
Forrester Consulting says that to keep data safe, everything must be considered a threat.2
They call this the Zero Trust Model.
Zero Trust
2 Leverage Micro-Segmentation To Build A Zero Trust Network, A commissioned Thought Leadership Paper conducted by Forrester Consulting on behalf of VMware, July 2015
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
6M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
How Does The Zero Trust Model work?1. Verify and secure all resources
2. Strictly enforce access control across all users, devices, and channels
3. Log and inspect all traffic, internal and external
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
7M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Micro-segmentation Is the AnswerMicro-segmentation is the use of fine-grained policies and network controls that enable security inside the data center, preventing the lateral spread of threats once they breach the perimeter defense.
Data Center Security with Micro-segmentation
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
8M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Micro-segmentation Capabilities• Builds security into the data center DNA
• Sets the stage for the Zero Trust Model
• Protects workloads using individual firewalls
• Isolates threats until they can be eliminated
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
9M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION
Benefits of Micro-segmentationOnce enabled by network virtualization, micro-segmentation will:
Keep security in sync with dynamic workflows
Enable faster delivery of networking and security services
Create more flexible, realistic security policies
INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION
1 0M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R
It’s Time to Leap ForwardIn today’s fast-paced world, it’s increasingly difficult to recover from a malicious attack.
With micro-segmentation, you can stay protected and reap the benefits for years to come.
VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.comCopyright © 2016 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: vmware-modern-security-for-the-modern-data-center 09/16
Read the trend brief, Modernize Your Data Center’s DNA >Learn more about VMware NSX >
Join Us Online:
LEARN MORE ABOUT MICRO-SEGMENTATION