Category : IMO

IMO
1

What Micro Segmentation Is Not…

NSX-vSphere Micro Segmentation Review

NSX for vSphere has a compelling use case around Micro Segmentation –

  1. The ability to orchestrate the provisioning of new Layer 2 and Layer 3 application networks via API in a matter of seconds using VXLAN as the overlay technology allowing networks to be created for each application segment on demand. There are numerous benefits in doing this but the big one is this really simplifies the mobility of applications for BC/DR purposes… Easy to move the application and its dedicated network vs dealing with the complexity of splitting Layer 2 networks that support many applications.
  2. The ability to isolate VM’s from each other using customer defined business attributes or vCenter attributes independent of the network topology using Layer 4 Stateful firewall policy. Even with VM’s on the same network segment as each other, Layer 4 Stateful firewall policy dictates how these VM’s should communicate with each other and to the outside world… If you want complete isolation of VM’s on the same network as each other, this is easily accomplished with Layer 2, 3, or 4 security policies.
  3. The ability to apply static or dynamic policy based on changing security conditions within the infrastructure. As example, a virus is identified or intrusion detected will automatically firewall protect the infrastructure from the compromised VM.
  4. Using 3rd Party extensibility, ability to extend native Layer 4 Stateful inspection to Layer 7 Deep Packet Stateful inspection…
Read More
IMO
0

The Phoenix Virtual Application…

Traditionally, applications based on physical and/or virtual machines have a lifecycle that can be measured in months to years. Today, a Software Defined Data Center virtual application and its network security constructs can easily be defined in a Blueprint for consumption as needed, but longevity of these applications worse case can still be considerable.

The Phoenix Virtual Application describes an application that has a lifecycle measured from minutes to a few weeks at most, then reclaimed (deleted) and redeployed over and over again…

Read More
IMO
0

Science Experiments / Technology Evaluations

I’m a huge fan of science experiments – Testing both large and small changes to technology, people, and process as part of a strategy of continuous improvement.

Certainly there are formal methodologies that support this approach – Toyota’s Total Quality Management and others such as 6 Sigma. Formal methodologies are great, but science experiments don’t needed to be formal projects and they can certainly and should be performed daily by everyone both on a large and small scale…

Read More