©2015 Check Point Software Technologies Ltd.
Securing Software-Defined Data Centers with Check Point vSEC and VMware NSX
Peter Kovalčík
Security Engineer, Check Point Software Technologies
State of Virtualization vs. Networking
Hey, I can spin up VMs in minutes. Why does it take a week to get network/firewall changes?
DATA CENTERS are rapidly evolving.
DATA CENTER EVOLUTION
Virtual Datacenter
• Server (compute) virtualization
• Network operation is manual
Software Defined Datacenter
Private Cloud
• Network is also virtualized
• Services can be dynamically inserted and orchestrated via automation
THE NEW ERA OF SOFTWARE-DEFINED DATACENTERS (SDDC)
Allowing IT to deliver applications at a fraction of the cost and time in a more secure way!
SECURITY CHALLENGES IN THE CURRENT DATACENTER
Challenge #1: Increasing Traffic Inside the Datacenter
Perimeter (north-south) security is blind to 80% of the east-west data center traffic
[Diagram labels: NORTH, SOUTH, EAST, WEST]
Challenge #2: Lateral Threats Inside the Data Center
Modern threats can spread laterally inside the data center, moving from one application to another
• Lack of security control between VMs
• Threats can easily traverse VLANs
• Threats attack a low-priority service and then move to critical systems
Challenge #3: Security Ignores Data Center Changes
Traditional static controls fail to secure dynamic networks and highly mobile applications
• New Virtual Machines
• Virtual Machine movement
• VMs that change IP address
• Dormant VMs that wake up
• VMs that move between VLANs
Challenge #4: Security Inhibits Data Center Agility
Lack of security automation impacts business agility in delivering services and results in security gaps
How do you define a secure policy for catalog applications that have not been provisioned and still don't have an IP address?
Securing SDDC - goals
• Better SECURITY
• Better MANAGED
• Better PERFORMANCE
Securing SDDC - goals
• Increased visibility and control
• DEEP inspection, CLOSE to applications
• Security is a natural part of modern SDDC design
• Improved security policy management
• avoid overhead by knowing CONTEXT
• FLEXIBLE for application deployments and changes
• Performance and scalability
• SCALABLE - growing with datacenter growth
• no choke point design
Building blocks
• Automated security provisioning (new ESXi hosts deployed with security from the beginning)
• Transparent security insertion – configurable redirection to deep inspection engine
• Cloud management systems integration into Security Management – consume objects and state of NSX/vCenter (using SDDC context)
• Tagging VMs with security incidents
• API and CLI for security automation and orchestration
Beyond L4 firewall… Users, applications, data, known and unknown threats
[Diagram labels: Granular Visibility, Identity Awareness, DLP, Mobile Access, SmartEvent, Application Control, URLF, IPS, Anti-Bot, Antivirus, Threat Emulation, HTTPS, USERCHECK]
WHAT IS NEEDED?
SECURITY REQUIREMENTS INSIDE THE DATA CENTER
1. Security visibility into traffic inside the data center
2. Automated security provisioning to keep pace with dynamic data center changes
3. Automated insertion and deployment of advanced threat prevention to protect inside the data center
CHECK POINT & VMWARE
Automating Security inside the Data Center
Virtual Security with Advanced Threat Prevention + Next Generation Networking and security
• Security Control & Visibility
• Lateral Threat Prevention
• Automated Security Provisioning
vSEC & NSX DATACENTER SECURITY
100% Software Based: Service, Network & Security
Segmented Data Center
Micro-Segmentation with advanced threat prevention
Security Orchestration between Virtual Machines
Automation of Virtual Network & Security
Consistent security for N-S and E-W traffic
Security Control for All Data Center Traffic
Check Point vSEC + VMware NSX
How it works
CHECK POINT vSEC DEPLOYMENT
NSX automatically provisions Check Point vSEC gateway on each host
CHECK POINT vSEC AUTO-DEPLOYMENT
NSX manager automatically deploys and provisions Check Point vSEC Gateway on each host
CHECK POINT vSEC AUTO-DEPLOYMENT
Automatically & instantly scale vSEC to secure VMs on new host members
MICRO-SEGMENTATION
Use NSX to segment Virtual Machines into different Security Groups using a flat network
[Diagram: NSX Security Groups labelled Finance, Legal, Web, Database, Partners]
EAST-WEST SECURITY CONTROL
Use Check Point vSEC to control traffic access between Virtual Machines
NSX Service Chain Policy: Traffic from Partner to Legal Security Group must go through Check Point vSEC Gateway
PREVENT LATERAL THREATS
Use vSEC for Advanced Threat Prevention inside data center
APPLICATION-AWARE POLICY
Use fine-grained security policies tied to NSX Security Groups and Virtual Machine identities
Check Point Access Policy
Rule | From | To | Service | Action
3 | WEB_VM (vCenter Object) | Database (NSX SecGroup) | SQL | Allow
Check Point dynamically fetches objects from NSX and vCenter
SHARED-CONTEXT POLICY
Shared security context between vSEC and NSX Manager to automatically quarantine and trigger remediation by other services
NSX Policy
From | To | Action
Infected VM (Tagged by Check Point) | Any | Quarantine
Check Point tags infected Virtual Machines in NSX manager
UNIFIED MANAGEMENT
Use Check Point unified management for consistent policy control and threat visibility across virtual and perimeter gateways
THREAT VISIBILITY INSIDE THE DATACENTER
Use Check Point SmartEvent to monitor and investigate threats across north-south and east-west traffic
[Diagram labels: 4800, 12400]
Infected Virtual Machines
VM Identity | Severity | Date
VM_Web_22 | High | 3:22:12 2/4/201
VM_DB_12 | High | 5:22:12 2/4/201
VM_AD_15 | Medium | 5:28:12 2/4/201
VM_SAP_34 | Medium | 7:28:12 2/4/201
Check Point vSEC Key Features
Feature | Check Point
Policy Management | Unified management for Virtual and physical Gateways; Datacenter policy segmentation with sub policies*; Fetch vCenter and NSX objects for use in Check Point policy
Security | Threat Prevention with multi-layered defenses for Virtual Data Center; Tag infected VM and update NSX for automatic remediation
Visibility & Forensics | View VM objects in security logs; Comprehensive Datacenter Threat Visibility
Automation & Orchestration | Granular privilege down to individual rule for trusted integrations*
* Available in R80
LIVE DEMO
SUMMARY
vSEC & NSX DATACENTER SECURITY
100% Software Based: Service, Network & Security
SDDC: Software Defined Datacenters
Security Orchestration between Virtual Machines
Automation of Virtual Network & Security
Consistent security for N-S and E-W traffic
Security Control for All Data Center Traffic
Software Defined Datacenter
Private Cloud
THANK YOU!
Backup slides
NSX Security Group
NSX Security Group - definition
NSX and vCenter in Check Point
Data Center Objects Group
CP Network Introspection Service
Service Deployments
Running as Service VM (ESX Agent)
NSX DFW does redirection to CP
by Security Policy applied to Security Group
Granular CP policy
Data Center Object identity acquisition
Botnet incident
…is translated to VM Security Tag

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Último (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

vSEC for VMware NSX

  • 1. ©2015 Check Point Software Technologies Ltd. Securing software-defined data centers with Check Point vSEC and VMware NSX. Peter Kovalčík, Security Engineer, Check Point Software Technologies
  • 2. State of Virtualization vs. Networking: "Hey, I can spin up VMs in minutes. Why does it take a week to get network/firewall changes?"
  • 3. DATA CENTERS are rapidly evolving.
  • 4. DATA CENTER EVOLUTION. Virtual Datacenter: server (compute) virtualization; network operation is manual. Software Defined Datacenter / Private Cloud: network is also virtualized; services can be dynamically inserted and orchestrated via automation
  • 5. THE NEW ERA OF SOFTWARE-DEFINED DATACENTERS (SDDC): Allowing IT to deliver applications at a fraction of the cost and time in a more secure way!
  • 6. SECURITY CHALLENGES IN THE CURRENT DATACENTER
  • 7. Challenge #1: Increasing Traffic Inside the Datacenter. Perimeter (north-south) security is blind to 80% of the east-west data center traffic. (Diagram labels: NORTH, SOUTH, EAST, WEST)
  • 8. Challenge #2: Lateral Threats Inside the Data Center. Modern threats can spread laterally inside the data center, moving from one application to another: lack of security control between VMs; threats can easily traverse VLANs; threats attack a low-priority service and then move to critical systems
  • 9. Challenge #3: Security Ignores Data Center Changes. Traditional static controls fail to secure dynamic networks and highly mobile applications: new Virtual Machines; Virtual Machine movement; VMs that change IP address; dormant VMs that wake up; VMs that move between VLANs
  • 10. Challenge #4: Security Inhibits Data Center Agility. How to define secure policy for catalog applications that have not been provisioned and still don’t have an IP address? Lack of security automation impacts business agility in delivering services and results in security gaps
  • 11. Securing SDDC - goals: Better SECURITY; Better MANAGED; Better PERFORMANCE
  • 12. Securing SDDC - goals. Increased visibility and control: DEEP inspection, CLOSE to applications; security is a natural part of modern SDDC design. Improved security policy management: avoid overhead by knowing CONTEXT; FLEXIBLE for application deployments and changes. Performance and scalability: SCALABLE - growing with datacenter growth; no choke point design
  • 13. Building blocks: automated security provisioning (new ESXi hosts deployed with security from the beginning); transparent security insertion – configurable redirection to deep inspection engine; cloud management systems integration into Security Management – consume objects and state of NSX/vCenter (using SDDC context); tagging VMs with security incidents; API and CLI for security automation and orchestration
  • 14. Beyond L4 firewall… Users, applications, data, known and unknown threats. Granular Visibility, Identity Awareness, DLP, Mobile Access, SmartEvent, Application Control, URLF, IPS, Anti-Bot, Antivirus, Threat Emulation, HTTPS, USERCHECK
  • 15. WHAT IS NEEDED?
  • 16. SECURITY REQUIREMENTS INSIDE THE DATA CENTER: (1) Security visibility into traffic inside the data center; (2) Automated security provisioning to keep pace with dynamic data center changes; (3) Automated insertion and deployment of advanced threat prevention to protect inside the data center
  • 17. CHECK POINT & VMWARE: Automating Security inside the Data Center. Virtual Security with Advanced Threat Prevention; Security Control & Visibility; Next Generation Networking and security; Lateral Threat Prevention; Automated Security Provisioning
  • 18. vSEC & NSX DATACENTER SECURITY. 100% Software Based: Service, Network & Security s; Segmented Data Center: Micro-Segmentation with advanced threat prevention; Security Orchestration between Virtual Machines: Automation of Virtual Network & Security s; Consistent security for N-S and E-W traffic: Security Control for All Data Center Traffic
  • 19. Check Point vSEC + VMware NSX: How it works
  • 20. CHECK POINT vSEC DEPLOYMENT: NSX automatically provisions Check Point vSEC gateway on each host
  • 21. CHECK POINT vSEC AUTO-DEPLOYMENT: NSX manager automatically deploys and provisions Check Point vSEC Gateway on each host
  • 22. CHECK POINT vSEC AUTO-DEPLOYMENT: Automatically & instantly scale vSEC to secure VMs on new host members
  • 23. MICRO-SEGMENTATION: Use NSX to segment Virtual Machines into different Security Groups using a flat network. NSX Security Groups shown: Finance, Legal, Web, Database, Partners
  • 24. EAST-WEST SECURITY CONTROL: Use Check Point vSEC to control traffic access between Virtual Machines. NSX Service Chain Policy: traffic from Partner to Legal Security Group must go through Check Point vSEC Gateway
  • 25. PREVENT LATERAL THREATS: Use vSEC for Advanced Threat Prevention inside data center
  • 26. APPLICATION-AWARE POLICY: Use fine-grained security policies tied to NSX Security Groups and Virtual Machine identities. Check Point dynamically fetches objects from NSX and vCenter. Check Point Access Policy: Rule 3 | From: WEB_VM (vCenter Object) | To: Database (NSX SecGroup) | Service: SQL | Action: Allow
  • 27. SHARED-CONTEXT POLICY: Shared security context between vSEC and NSX Manager to automatically quarantine and trigger remediation by other services. Check Point tags infected Virtual Machines in NSX manager. NSX Policy: From: Infected VM (Tagged by Check Point) | To: Any | Action: Quarantine
  • 28. UNIFIED MANAGEMENT: Use Check Point unified management for consistent policy control and threat visibility across virtual and perimeter gateways
  • 29. THREAT VISIBILITY INSIDE THE DATACENTER: Use Check Point SmartEvent to monitor and investigate threats across north-south and east-west traffic. (Diagram labels: 4800, 12400.) Infected Virtual Machines (VM Identity | Severity | Date): VM_Web_22 | High | 3:22:12 2/4/201; VM_DB_12 | High | 5:22:12 2/4/201; VM_AD_15 | Medium | 5:28:12 2/4/201; VM_SAP_34 | Medium | 7:28:12 2/4/201
  • 30. Check Point vSEC Key Features (Feature | Check Point). Policy Management: unified management for virtual and physical gateways; datacenter policy segmentation with sub policies*; fetch vCenter and NSX objects for use in Check Point policy. Security: threat prevention with multi-layered defenses for Virtual Data Center; tag infected VM and update NSX for automatic remediation. Visibility & Forensics: view VM objects in security logs; comprehensive datacenter threat visibility. Automation & Orchestration: granular privilege down to individual rule for trusted integrations*. (* Available in R80)
  • 31. LIVE DEMO
  • 32. SUMMARY
  • 33. vSEC & NSX DATACENTER SECURITY. 100% Software Based: Service, Network & Security s; SDDC: Software Defined Datacenters; Security Orchestration between Virtual Machines: Automation of Virtual Network & Security s; Consistent security for N-S and E-W traffic: Security Control for All Data Center Traffic; Software Defined Datacenter / Private Cloud
  • 34. THANK YOU!
  • 35. Backup slides
  • 36. NSX Security Group
  • 37. NSX Security Group - definition
  • 38. NSX and vCenter in Check Point
  • 39. Data Center Objects Group
  • 40. CP Network Introspection Service
  • 41. Service Deployments
  • 42. Running as Service VM (ESX Agent)
  • 43. NSX DFW does redirection to CP
  • 44. by Security Policy applied to Security Group
  • 45. Granular CP policy
  • 46. Data Center Object identity acquisition
  • 47. Botnet incident
  • 48. …is translated to VM Security Tag
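
The policy model from slides 9, 26, 27 and 47-48 (group-based rules that follow the VM, and an incident tag that moves a VM into quarantine), as an added example that is not code from the deck, Check Point or VMware. The VM names come from slide 29; the IP addresses, the tag name `infected`, `VM_Partner_7` and the evaluator itself are constructed for illustration, and no NSX or Check Point API is called.

```python
from dataclasses import dataclass, field

INFECTED_TAG = "infected"  # constructed tag name, not a real product value


@dataclass
class VM:
    name: str
    ip: str
    tags: set = field(default_factory=set)


# Security groups are membership predicates evaluated at decision time,
# so membership follows the VM through IP changes and newly applied tags.
GROUPS = {
    "Quarantine": lambda vm: INFECTED_TAG in vm.tags,
    "Web": lambda vm: vm.name.startswith("VM_Web_"),
    "Database": lambda vm: vm.name.startswith("VM_DB_"),
    "Any": lambda vm: True,
}

# (source group, destination group, service, action); first match wins.
POLICY = [
    ("Quarantine", "Any", "any", "quarantine"),  # slide 27
    ("Web", "Database", "SQL", "allow"),         # slide 26
    ("Any", "Any", "any", "drop"),               # cleanup rule
]


def decide(src, dst, service, policy=POLICY):
    """Evaluate the group-based policy for one flow."""
    for s, d, svc, action in policy:
        if GROUPS[s](src) and GROUPS[d](dst) and svc in ("any", service):
            return action
    return "drop"


def static_decide(src, dst, service, rules):
    """Evaluate an IP-literal rule base, for contrast (slide 9)."""
    for s_ip, d_ip, svc, action in rules:
        if (s_ip, d_ip, svc) == (src.ip, dst.ip, service):
            return action
    return "drop"


def report_incident(vm):
    """Stand-in for the inspection engine tagging a VM after a detection."""
    vm.tags.add(INFECTED_TAG)


def demo():
    web = VM("VM_Web_22", "10.0.0.22")  # constructed addresses
    db = VM("VM_DB_12", "10.0.0.12")
    static_rules = [("10.0.0.22", "10.0.0.12", "SQL", "allow")]
    out = {"group_before": decide(web, db, "SQL"),
           "static_before": static_decide(web, db, "SQL", static_rules)}
    web.ip = "10.0.5.40"  # the web VM is re-addressed
    out["group_after_move"] = decide(web, db, "SQL")
    out["static_after_move"] = static_decide(web, db, "SQL", static_rules)
    # An unrelated VM later receives the web VM's old address.
    other = VM("VM_Partner_7", "10.0.0.22")
    out["static_ip_reuse"] = static_decide(other, db, "SQL", static_rules)
    out["group_ip_reuse"] = decide(other, db, "SQL")
    report_incident(web)  # botnet incident becomes a security tag
    out["group_after_incident"] = decide(web, db, "SQL")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two `static_*` results after the address change show both failure modes of IP-literal rules: legitimate traffic is dropped, and whichever VM inherits the old address inherits its access.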