VMware: Context, Visibility and Containment – NSX Securing “Anywhere” Part V
Welcome to part 5 of the Micro-Segmentation Defined– NSX Securing “Anywhere” blog series. Previous topics covered in this series includes
In this post we describe how NSX micro-segmentation enables fundamental changes to security architectures which in turn facilitate the identification of breaches:
- By increasing visibility throughout the SDDC, eliminating all blind spots
- By making it feasible and simple to migrate to a whitelisting / least privileges / zero-trust security model
- By providing rich contextual events and eliminating false positives to SIEMs
- By providing inherent containment even for Zero Day attacks
Threat analysis is the new trend of the security landscape and established vendors as well as startups are proposing many tools to complement the current perimeter logging approach. The attraction for these tools is based on the assumption that by correlating flows from different sources within a perimeter, threat contexts will emerge and compromised systems will be uncovered. Currently, these systems go unnoticed for long periods of times because the suspicious traffic moves laterally inside the perimeter and does not traverse a security device: you can’t protect what you don’t “see”.
Read the entire article here, Context, Visibility and Containment – NSX Securing “Anywhere” Part V
via the fine folks at VMware!