VMware: Rackspace Meets New PCI-DSS Compliance with VMware NSX Network Virtualization
Many organizations are wrapping up the transition to version 3.1 of PCI DSS compliance. Though much of the focus of v3.1 has been around the security concerns regarding SSL and early versions of TLS, a couple of the VMware vCloud Air Network cloud providers I work with have taken the opportunity to review their entire PCI DSS certification.
As our cloud provider partners make the transition to v3.1, one of them, Rackspace, stands out because of the approach they took. Rackspace made the decision to leverage VMware NSX as the vehicle to get them to their destination. All of us who are familiar with NSX can rattle off the use cases off the top of our head: security, automation, compliance, etc. Compliance, although a powerful use case, is often less “sexy” and as a result, less discussed than the others. Let’s do it some justice today.
Rackspace has data centers all over the globe, and as they were preparing to transition to v3.1, they decided to revisit their internal network architecture. In a nutshell, the legacy network was built on a flat L2. Previously, there wasn’t a ton of attention paid to this by the QSA, but it now raised a flag. This was a significant concern as their L2 spanned 8 datacenters across 4 continents. Obviously, this was going to be a major undertaking for them to address. As in most organizations, they are resource constrained and by the time they could free up the appropriate personnel, it was early April (remember June 30 was the deadline). As they assessed the risks and the scope, they realized they had 2 options:
Read the entire article here, Rackspace Meets New PCI-DSS Compliance with VMware NSX Network Virtualization
via the fine folks at VMware!