• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Network Security in a Virtualized Environment
 

Network Security in a Virtualized Environment

on

  • 2,155 views

 

Statistics

Views

Total Views
2,155
Views on SlideShare
1,017
Embed Views
1,138

Actions

Likes
2
Downloads
0
Comments
0

12 Embeds 1,138

http://it.tmcnet.com 892
http://www.netoptics.com 196
http://www.telnetnetworks.ca 14
http://www.network-taps.eu 11
http://localhost 8
http://www.silkwebsolutions.com 5
http://www.network-taps.de 3
http://www.linkedin.com 3
http://en.netoptics.com 2
http://www.netoptics.cn.com 2
http://xml.netoptics.com 1
http://www.tmcnet.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Network Security in a Virtualized Environment Network Security in a Virtualized Environment Presentation Transcript

    • Security Challenges in a Virtualized Environment
    • Guest Speakers
      • Joel Snyder
      • Senior Partner at Opus One
      • Focuses on data networking, information security, and electronic messaging. He spends most of his time on the road helping clients understand, optimize, and secure their networks. He is a well-respected author and speaker, and enjoys eating food just a little too much
      • Ran Nahmias [email_address]
      • Director, Virtualization & Cloud Solutions
      • Over 15 years of experience in networking, security, desktop and server virtualization in engineering, product management and deployment roles for market leaders such as Check Point Software Technologies, Nice Systems, Microsoft and Net Optics.
    • What Do You Know?
      • "In physical science the first essential step in the direction of learning any subject is to find principles of numerical reckoning and practicable methods for measuring some quality connected with it. I often say that when you can measure what you are speaking about, and express it in numbers, you know something about it; but when you cannot measure it, when you cannot express it in numbers, your knowledge is of a meager and unsatisfactory kind it may be the beginning of knowledge, but you have scarcely in your thoughts advanced to the state of Science, whatever the matter may be.
      Lord Kelvin
    • What Do You Know?
      • "In physical science the first essential step in the direction of learning any subject is to find principles of numerical reckoning and practicable methods for measuring some quality connected with it. I often say that when you can measure what you are speaking about, and express it in numbers, you know something about it; but when you cannot measure it, when you cannot express it in numbers, your knowledge is of a meager and unsatisfactory kind it may be the beginning of knowledge, but you have scarcely in your thoughts advanced to the state of Science, whatever the matter may be.
      Lord Kelvin
    • We Know: We Love Our Tools Network Recording Appliance Traffic Flow Collector Intrusion Detection System Intrusion Detection System Intrusion Detection System Data Leak Protection Data Leak Protection Data Leak Protection
    • We Know: We Love Our Tools Network Recording Appliance Traffic Flow Collector Intrusion Detection System Intrusion Detection System Intrusion Detection System Data Leak Protection Data Leak Protection Data Leak Protection … and We Love Our Taps!
    • In The Good Old Days, Plugging In Tools Was Easy TAP DLP Packet Recorder Netflow Analyzer TAPs DMZ EAST DC WEST DC IDS TAPs TAPs
    • In The Good Old Days, Plugging In Tools Was (mostly) Easy TAP DLP Packet Recorder Netflow Analyzer TAPs DMZ EAST DC WEST DC IDS TAPs TAPs
    • With Virtualization, Suddenly You’re Limited to Very Coarse Monitoring TAP DLP Packet Recorder Netflow Analyzer TAP TAP TAP DMZ IDS TAP EAST DC WEST DC
    • With Virtualization, Suddenly You’re Limited to Very Coarse Monitoring TAP DLP Packet Recorder Netflow Analyzer TAP TAP TAP DMZ IDS TAP EAST DC WEST DC
    • Eventually, Full Virtualization Erases All Hope of Network Visibility TAP DLP Packet Recorder Netflow Analyzer TAP IDS Consolidated Data Center with Production, Test, DMZ all in VMware
    • Visibility Is Knowledge Before Virtualization visible visible visible visible visible visible visible visible
    • You Can’t See The Trees For The Forest Before Virtualization After Virtualization visible visible visible Invisible visible
    • The Harrington Visibility Conclusion "If you cannot measure it, you cannot control it. If you cannot control it, you cannot manage it. If you cannot manage it, you cannot improve it." H. James Harrington
    • Hypervisor Virtual Stack Monitoring Challenge vm1 vm2 vm3 Physical Host Server ESX Virtual Stack Virtual Switch Absolute lack of visibility of the Inter-VM traffic Physical Network Security & Monitoring Potential Security and Compliance Risks
        • No visibility into traffic that may include vulnerabilities and threats
        • Data passing between servers not captured for analysis
        • Inability to collect and maintain auditable evidence of compliance and adherence.
      Analyzer IDS
    • Phantom Virtual Tap Solution vm1 vm2 vm3 Virtual Switch Physical Network Security & Monitoring Physical Host Server Phantom Virtual Tap ESX Virtual Stack 100% visibility of Inter-VM traffic Provides visibility into traffic; enables Security, Monitoring and Compliance Auditing evidence.
      • Bridge virtual traffic of interest to physical instrumentation tools
      • Eliminate security and compliance barriers to virtualization adoption
      • Adherence to security and compliance standards in a virtualized environment
      Analyzer IDS
    • Hypervisor-Based Enterprise Class Solution ESX 1 Phantom Manager™ Phantom Manager is a scalable policy administration and management platform Controls simultaneous management of multiple Phantom Monitors ESX 2 ESX 3 ESX 4 LAN/WAN
    • Net Optics Converged Network Solution Physical Server Physical Server DLP Director™ ESX Encapsulated Tunnel Phantom Manager™
      • Hypervisor-specific Tap
          • VMware “VMsafe Certified”
      • Complete visibility to inter-VM traffic
      • Purpose-built for virtualization
          • Monitor through Live-Migration (VMotion)
          • TAP for each VM instance (by VM ID)
      • Tight Integration with VMware vCenter
      • Fault-Tolerant and Non disruptive Architecture
      Indigo Pro™ Physical and Virtual Monitoring Convergence vm1 vm2 vm3 Hypervisor Phantom Monitor™ Analyzer IDS LAN/WAN
    • Key Takeaways
      • Achieve security, compliance and performance monitoring standards
      • Gain end-to-end traffic visibility in the virtual environment
      • Realize the full potential of your virtual data center
      Download your 30-day evaluation copy today!
    • Conclusion
      • Q&A
      • Stay informed of Future News and Updates:
      • Visit www.netoptics.com, sign up for our newsletter:
      • http://www.netoptics.com/about_us/NewsletterReg.asp
      • Thank You!
    • Net Optics, Inc. www.netoptics.com (408) 737-7777 Thank You