My Assessment of VMware NSX
At last week’s VMworld event in San Francisco, I spent a good deal of time speaking with VMware, its customers, and a wide variety of its partners about the cybersecurity use case for NSX. I came away from the event believing that NSX (and other similar SDN technologies like Cisco ACI, Juniper Contrail, HP VAN, Illumio, vArmour, etc.) have great potential to help large organizations lower cyber-risk.
NSX supports the concept of micro-segmentation through software-defined rules and administration. To me, this capability could bolster cybersecurity by:
1. Decreasing the attack surface. Cyber-adversaries are finding their way to sensitive data by scanning networks, stealing credentials, and escalating access privileges. Micro-segmentation could make this process a lot harder by restricting network traffic to small subsets of IT assets. I realize that this wouldn’t stop a motivated attacker but it could make sensitive data exfiltration a lot harder and costlier for the bad guys while buying time for cybersecurity professionals to detect and respond to suspicious activities.
To read this article in full or to leave a comment, please click here