Next Gen Network Security topologies

Introduction In this blogpost I want to discuss the benefits of using a Software Defined Network (SDN) solutions in the evolving network security landscape. What, why and how: network security and micro-segmentation? In traditional networking environments filtering (from now on I will call it “firewalling”) is executed at the edge (or perimeter) of each network. With “each network” I mean a layer 2 domain: a … Lees verder Next Gen Network Security topologies

vRNI (non-described) issue: hostname/IP is unreachable when adding vCenter as a Data Source

Problem Description: Today I ran into a problem when adding a vCenter server by its hostname to vRealize Network Insight. I received the following error message: Hostname/IP is unreachable. Which (as explained in this VMware KB article) should be related to a network connectivity issue. But after doing some troubleshooting (ping, curl and nslookup were all successful) I was send back to the drawing-school, because … Lees verder vRNI (non-described) issue: hostname/IP is unreachable when adding vCenter as a Data Source

NSX vs “the Physical World”

A small introduction I’m visiting VMworld for quite some years now, and every year there is a fully booked session about “Deploying NSX Datacenter on a Cisco Infrastructure” (in this case NET1945BE). Each year this is a session full of discussions about whether or not it’s a good idea to run NSX AND/OR Cisco ACI from the audience perspective. The audience is divided into either … Lees verder NSX vs “the Physical World”

Designing a NSX Security framework

As described in my previous blog, implementing micro-segmentation can have a operational burden on the network/security teams who must manage the environment. There are multiple ways to organize the NSX firewall rulebase leveraging the NSX Distributed Firewall (DWF), to enable micro-segmentation. One of the methods is using a (non-official) security framework. The NSX Security Framework provides a predefined security offensive, which can be used as … Lees verder Designing a NSX Security framework

NSX: Security vs workability

In this digitalized world were the number of internet-connected devices is growing each year, the number of cyber-attacks (through data theft, ransomware, unauthorized access, etc.) is increasing also. Security is shifting towards the board-level at companies, because the costs involved with security-breaches are hitting the business hard. Security must be considered on all aspects: from the digital workspace (desktop, mobile) towards the datacenter were critical … Lees verder NSX: Security vs workability