VMware: The Shape of Things to Come: A New Era in Security
The introduction of VMware NSX has been central in helping our partners deliver a next-generation approach to cyber security. It reflects two fundamental shifts in the market: firstly, a move towards the ‘zero-trust’ security model, and secondly, encouraging the adoption of a more holistic approach, where a security policy is centrally defined – replacing the attempted definition of a policy across multiple, individual security systems.
Castles vs. Hotels
Looking closely at the first shift, we have seen an increasing move away from the traditional ‘Trust Everyone’ style of network in which resource was poured into creating a hard perimeter aimed at keeping threats outside the organisation’s network. Users with the ‘right’ permissions could be granted access to the environment and able to move freely once inside. Needless to say that this approach has serious drawbacks, specifically in the threat posed should a hacker make it through the hard perimeter. With unlimited access to the environment, the potential for them to wreak havoc and destruction is near limitless.
Unsurprisingly, organisations are now looking elsewhere and beginning to favour the ‘Zero-Trust’ approach. If the former model could be compared to a castle (with a hardened wall but no internal security), the latter approach is more like a hotel with each individual room secured separately, and each safe within that room locked– so even if a hacker was able to access one of the rooms, thanks to the locks on each room’s door and safe they cannot use it as an entry point for any other part of the hotel. Using microsegmentation, VMware NSX enables this lockdown, controlling east-west (or server to server) traffic in a data centre, so that if one virtual machine is compromised, it does not compromise any other part of the system. Reputation is everything to a business’ bottom line and protecting IP and customer data, for example, is vital. Perimeter security simply doesn’t do this.
Read the entire article here, The Shape of Things to Come: A New Era in Security
via the fine folks at VMware!