Last post I covered some of the basics around VM networking. But, as we all know, there is more to networking than just packet transport. One of the biggest challenges with VM networking is security policy enforcement. The fundamental nature of server virtualization introduces a new set of challenges for both network and security admin to ensure proper compliance with infosec policy because of things like VM mobility, VM sprawl and potential loss of transparency. With the introduction of the Nexus 1000V we gave network and security admins many of the security tools they were already familiar with with physical Cisco switches--this should not be a surprise, since the Nexus 1000V is a full NX-OS switch. Last summer, we built upon this functionality with the Virtual Security Gateway. This zone based firewall was specifically desinged to meet the unique challenges of VM environments. Click on the pic for a quick 3 minute tour of the VSG
To dig into this deeper,
we have a joint webcast with Nemertes Research tomorrow (March 1, 1PM Eastern, 10AM Pacific) on DC and Virtualization Security. We’ll have smart folks from both companies discussing how to build a new security model for the virtualized data center and how Cisco’s security solutions fit into that model. You can register for the session here — rebroadcast will be available if you cannot make it.
I was remiss in not pointing out that we have free 60-day trials for the software if you want to try it out for yourself--you will need to pull down software from both of the following links:
If you don’t have the Nexus 1000V running, you can pull down a full 60-day eval of that too by clicking here