modern security for the modern data center

11
MODERN SECURITY FOR THE MODERN DATA CENTER Why Micro-segmentation Is Trending Across the Industry

Upload: vmware

Post on 16-Apr-2017

799 views

Category:

Technology


0 download

TRANSCRIPT

MODERN SECURITY FOR THE MODERN DATA CENTERWhy Micro-segmentation Is Trending Across the Industry

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSIONINTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

Your Data Center Is At RiskAs data center breaches continue to rise, many IT

organizations are moving to a more secure model:

micro-segmentation enabled by network virtualization.

Here’s why.

2M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

The Cost of a Data Breach Has Never Been HigherToday, security breaches are more expensive than ever. The average data breach costs: 1

1 2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute

$3.79M total

$154 per lost or

stolen record

23% more than a data

breach in 2013

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

3M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

What Does It Take to Protect Against Modern Threats?• Security inside the data center

• An agile, comprehensive solution

• Secure network traffic

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

4M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

Perimeter-Centric Security Doesn’t Measure Up• Physical firewalls are expensive and

difficult to maintain

• Physical devices are slow and can’t be everywhere at once

• Perimeter security leaves east-west traffic exposed

Traditional Data Center Security

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

5M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

The Zero Trust ModelIf traditional security doesn’t work, what do data centers need to stay secure?

Forrester Consulting says that to keep data safe, everything must be considered a threat.2

They call this the Zero Trust Model.

Zero Trust

2 Leverage Micro-Segmentation To Build A Zero Trust Network, A commissioned Thought Leadership Paper conducted by Forrester Consulting on behalf of VMware, July 2015

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

6M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

How Does The Zero Trust Model work?1. Verify and secure all resources

2. Strictly enforce access control across all users, devices, and channels

3. Log and inspect all traffic, internal and external

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

7M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

Micro-segmentation Is the AnswerMicro-segmentation is the use of fine-grained policies and network controls that enable security inside the data center, preventing the lateral spread of threats once they breach the perimeter defense.

Data Center Security with Micro-segmentation

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

8M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

Micro-segmentation Capabilities• Builds security into the data center DNA

• Sets the stage for the Zero Trust Model

• Protects workloads using individual firewalls

• Isolates threats until they can be eliminated

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

9M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

INTRODUCTION | VMWARE NSX | MICRO-SEGMENTATION | CASE STUDIES | CONCLUSION

Benefits of Micro-segmentationOnce enabled by network virtualization, micro-segmentation will:

Keep security in sync with dynamic workflows

Enable faster delivery of networking and security services

Create more flexible, realistic security policies

INTRODUCTION | THE CHALLENGES | ZERO TRUST MODEL | MICRO-SEGMENTATION | CONCLUSION

1 0M O D E R N S EC U R I T Y F O R T H E M O D E R N DATA C E N T E R

It’s Time to Leap ForwardIn today’s fast-paced world, it’s increasingly difficult to recover from a malicious attack.

With micro-segmentation, you can stay protected and reap the benefits for years to come.

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.comCopyright © 2016 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Item No: vmware-modern-security-for-the-modern-data-center 09/16

Read the trend brief, Modernize Your Data Center’s DNA >Learn more about VMware NSX >

Join Us Online:

LEARN MORE ABOUT MICRO-SEGMENTATION