End-to-End Segmentation with NSX SD-WAN and NSX Data Center

Server Virtualization

Article | May 17, 2023

It’s an impactful release focused on significant NSX Security enhancements Putting a hard shell around a soft core is not a recipe for success in security, but somehow legacy security architectures for application protection have often looked exactly like that: a hard perimeter firewall layer for an application infrastructure that was fundamentally not built with security as a primary concern. VMware NSX Distributed Firewall pioneered the micro-segmentation concept for granular access controls for cloud applications with the initial launch of the product in 2013. The promise of Zero Trust security for applications, the simplicity of deployment of the solution, and the ease of achieving internal security objectives made NSX an instant success for security-sensitive customers. Our newest release — NSX-T 3.2 — establishes a new marker for securing application infrastructure by introducing significant new features to identify and respond to malware and ransomware attacks in the network, to enhance user identification and L7 application identification capabilities, and, at the same time, to simplify deployment of the product for our customers. Modern day security teams need to secure mission-critical infrastructure from both external and internal attacks. By providing unprecedented threat visibility leveraging IDS, NTA, and Network Detection and Response (NDR) capabilities along with granular controls leveraging L4-L7 Firewall, IPS, and Malware Prevention capabilities, NSX 3.2 delivers an incredible security solution for our customers“ Umesh Mahajan, SVP, GM (Networking and Security Business Unit) Distributed Advanced Threat Prevention (ATP) Attackers often use multiple sophisticated techniques to penetrate the network, move laterally within the network in a stealthy manner, and exfiltrate critical data at an appropriate time. Micro-segmentation solutions focused solely on access control can reduce the attack surface — but cannot provide the detection and prevention technologies needed to thwart modern attacks. NSX-T 3.2 introduces several new capabilities focused on detection and prevention of attacks inside the network. Of critical note is that these advanced security solutions do not need network taps, separate monitoring networks, or agents inside each and every workload. Distributed Malware Prevention Lastline’s highly reputed dynamic malware technology is now integrated with NSX Distributed Firewall to deliver an industry-first Distributed Malware Prevention solution. Leveraging the integration with Lastline, a Distributed Firewall embedded within the hypervisor kernel can now identify both “known malicious” as well as “zero day” malware Distributed Behavioral IDS Whereas earlier versions of NSX Distributed IDPS (Intrusion Detection and Prevention System) delivered primarily signature-based detection of intrusions, NSX 3.2 introduces “behavioral” intrusion detection capabilities as well. Even if specific IDS signatures are not triggered, this capability helps customers know whether a workload is seeing any behavioral anomalies, like DNS tunneling or beaconing, for example, that could be a cause for concern. Network Traffic Analysis (NTA) For customers interested in baselining network-wide behavior and identifying anomalous behavior at the aggregated network level, NSX-T 3.2 introduces Distributed Network Traffic Analysis (NTA). Network-wide anomalies like lateral movement, suspicious RDP traffic, and malicious interactions with the Active Directory server, for example, can alert security teams about attacks underway and help them take quick remediation actions. Network Detection and Response (NDR) Alert overload, and resulting fatigue, is a real challenge among security teams. Leveraging advanced AI/ML techniques, the NSX-T 3.2 Network Detection and Response solution consolidates security IOCs from different detection systems like IDS, NTA, malware detection. etc., to provide a ”campaign view” that shows specific attacks in play at that point in time. MITRE ATT&CK visualization helps customers see the specific stage in the kill chain of individual attacks, and the ”time sequence” view helps understand the sequence of events that contributed to the attack on the network. Key Firewall Enhancements While delivering new Advanced Threat Prevention capabilities is one key emphasis for the NSX-T 3.2 release, providing meaningful enhancements for core firewalling capabilities is an equally critical area of innovation. Distributed Firewall for VDS Switchports While NSX-T has thus far supported workloads connected to both overlay-based N-VDS switchports as well as VLAN-based switchports, customers had to move the VLAN switchports from VDS to N-VDS before a Distributed Firewall could be enforced. With NSX-T 3.2, native VLAN DVPGs are supported as-is, without having to move to N-VDS. Effectively, Distributed Security can be achieved in a completely seamless manner without having to modify any networking constructs. Distributed Firewall workflows in vCenter With NSX-T 3.2, we are introducing the ability to create and modify Distributed Firewall rules natively within vCenter. For small- to medium-sized VMware customers, this feature simplifies the user experience by eliminating the need to leverage a separate NSX Manager interface. Advanced User Identification for Distributed and Gateway Firewalls NSX supported user identity-based access control in earlier releases. With NSX-T 3.2, we’re introducing the ability to directly connect to Microsoft Active Directory to support user identity mapping. In addition, for customers who do not use Active Directory for user authentication, NSX also supports VMware vRealize LogInsight as an additional method to carry out user identity mapping. This feature enhancement is applicable for both NSX Distributed Firewall as well as NSX Gateway Firewall. Enhanced L7 Application Identification for Distributed and Gateway Firewalls NSX supported Layer-7 application identification-based access control in earlier releases. With NSX-T 3.2, we are enhancing the signature set to about 750 applications. While several perimeter firewall vendors claim a larger set of Layer-7 application signatures, they focus mostly on internet application identification (like Facebook, for example). Our focus with NSX at this time is on internal applications hosted by enterprises. This feature enhancement is applicable for both NSX Distributed Firewall as well as Gateway Firewalls. NSX Intelligence NSX Intelligence is geared towards delivering unprecedented visibility for all application traffic inside the network and enabling customers to create micro-segmentation policies to reduce the attack surface. It has a processing pipeline that de-dups, aggregates, and correlates East-West traffic to deliver in-depth visibility. Scalability enhancements for NSX Intelligence As application infrastructure grows rapidly, it is vital that one’s security analytics platform can grow with it. With the new release, we have rearchitected the application platform upon which NSX Intelligence runs — moving from a stand-alone appliance to a containerized micro-service architecture powered by Kubernetes. This architectural change future-proofs the Intelligence data lake and allows us to eventually scale out our solution to n-node Kubernetes clusters. Large Enterprise customers that need visibility for application traffic can confidently deploy NSX Intelligence and leverage the enhanced scale it supports. NSX Gateway Firewall While NSX Distributed Firewall focuses on east-west controls within the network, NSX Gateway Firewall is used for securing ingress and egress traffic into and out of a zone. Gateway Firewall Malware Detection NSX Gateway Firewall in the 3.2 release received significant Advanced Threat Detection capabilities. Gateway Firewall can now identify both known as well as zero-day malware ingressing or egressing the network. This new capability is based on the Gateway Firewall integration with Lastline’s highly reputed dynamic network sandbox technology. Gateway Firewall URL Filtering Internal users and applications reaching out to malicious websites is a huge security risk that must be addressed. In addition, enterprises need to limit internet access to comply with corporate internet usage policies. NSX Gateway Firewall in 3.2 introduces the capability to restrict access to internet sites. Access can be limited based on either the category the URL belongs to, or the “reputation” of the URL. The URL to category and reputation mapping is constantly updated by VMware so customer intent is enforced automatically even after many changes in the internet sites themselves.

Virtual Desktop Tools, Server Hypervisors

Article | June 8, 2023

SD-WANs are a critical component of digital transformation. Using software-defined networking (SDN) and virtual network functions (VNF) concepts to build and manage a wide area network (WAN) helps businesses successfully transition their infrastructure to the cloud by securely connecting hybrid multicloud architectures. But SD-WANs can do more than just facilitate a transition to the cloud —they make it faster and less expensive to expand your business.

Virtual Desktop Tools

Article | August 12, 2022

Neglecting virtualization on VMs hampers productivity of firms. Operations become complex and resource usage is suboptimal. Leverage virtualization to empower with enhanced efficiency and scalability. Contents 1. Introduction 2. Types of Virtualization on VMs 2.1 Server virtualization 2.2 Storage virtualization 2.3 Network virtualization 2.3.1 Software-defined networking 2.3.2 Network function virtualization 2.4 Data virtualization 2.5 Application virtualization 2.6 Desktop virtualization 3. Impact of Virtualized VMs on Business Enterprises 3.1 Virtualization as a Game-Changer for Business Models 3.2 Evaluating IT Infrastructure Reformation 3.3 Virtualization Impact on Business Agility 4. How can Businesses Scale ROI with Adoption of Virtualization in Virtual Machines? 5. Risks and Challenges of Virtual Machines in the Cloud 5.1 Resource Distribution: 5.2 VM Sprawl: 5.3 Backward Compatibility 5.4 Conditional Network Monitoring 5.5 Interoperability: 6. Overcoming Roadblocks: Best Practices for Successful Execution of VMs 6.1 Unlocking the Power of Resource Distribution: 6.2 Effective techniques for Avoiding VM Sprawl: 6.3 Backward Compatibility: A Comprehensive Solution: 6.4 Performance Metrics: 6.5 Solutions for Interoperability in a Connected World: 7. Five Leading Providers for Virtualization of VMs Parallels Aryaka Aryaka Liquidware Azul 8. Conclusion 1. Introduction Virtualization on virtual machines (VMs) is a technology that enables multiple operating systems and applications to run on a single physical server or host. It has become essential to modern IT infrastructures, allowing businesses to optimize resource utilization, increase flexibility, and reduce costs. Embracing virtualization on VMs offers many business benefits, including improved disaster recovery, increased efficiency, enhanced security, and better scalability. In this digital age, where businesses rely heavily on technology to operate and compete, virtualization on VMs has become a crucial strategy for staying competitive and achieving business success. Organizations need to be agile and responsive to changing customer demands and market trends. Rather than focusing on consolidating resources, the emphasis now lies on streamlining operations, maximizing productivity, and optimizing convenience. 2. Types of Virtualization on VMs 2.1 Server virtualization The server virtualization process involves dividing a physical server into several virtual servers. This allows organizations to consolidate multiple physical servers onto a single physical server, which leads to cost savings, improved efficiency, and easier management. Server virtualization is one of the most common types of virtualization used on VMs. Consistent stability/reliability is the most critical product attributes IT decision-makers look for when evaluating server virtualization solutions. Other important factors include robust disaster recovery capabilities and advanced security features. Server Virtualization Market was valued at USD 5.7 Billion in 2018 and is projected to reach USD 9.04 Billion by 2026, growing at a CAGR of 5.9% from 2019 to 2026. (Source: Verified Market Research) 2.2 Storage virtualization Combining multiple network storage devices into an integrated virtual storage device, storage virtualization facilitates a cohesive and efficient approach to data management within a data center. IT administrators can allocate and manage the virtual storage unit with the help of management software, which facilitates streamlined storage tasks like backup, archiving, and recovery. There are three types of storage virtualization: file-level, block-level, and object-level. File-level consolidates multiple file systems into one virtualized system for easier management. Block-level abstracts physical storage into logical volumes allocated to VMs. Object-level creates a logical storage pool for more flexible and scalable storage services to VMs. The storage virtualization segment held an industry share of more than 10.5% in 2021 and is likely to observe considerable expansion through 2030 (Source: Global Market Insights) 2.3 Network virtualization Any computer network has hardware elements such as switches, routers, load balancers and firewalls. With network virtualization, virtual machines can communicate with each other across virtual networks, even if they are on different physical hosts. Network virtualization can also enable the creation of isolated virtual networks, which can be helpful for security purposes or for creating test environments. The following are two approaches to network virtualization: 2.3.1 Software-defined networking Software-defined networking (SDN) controls traffic routing by taking over routing management from data routing in the physical environment. For example, programming the system to prioritize video call traffic over application traffic to ensure consistent call quality in all online meetings. 2.3.2 Network function virtualization Network function virtualization technology combines the functions of network appliances, such as firewalls, load balancers, and traffic analyzers, that work together to improve network performance. The global Network function virtualization market size was valued at USD 12.9 billion in 2019 and is projected to reach USD 36.3 billion by 2024, at a CAGR of 22.9%, during the forecast period(2019-2024). (Source: MarketsandMarkets) 2.4 Data virtualization Data virtualization is the process of abstracting, organizing, and presenting data in a unified view that applications and users can access without regard to the data's physical location or format. Using virtualization techniques, data virtualization platforms can create a logical data layer that provides a single access point to multiple data sources, whether on-premises or in the cloud. This logical data layer is then presented to users as a single, virtual database, making it easier for applications and users to access and work with data from multiple sources and support cross-functional data analysis. Data Virtualization Market size was valued at USD 2.37 Billion in 2021 and is projected to reach USD 13.53 Billion by 2030, growing at a CAGR of 20.2% from 2023 to 2030. (Source: Verified Market Research) 2.5 Application virtualization In this approach, the applications are separated from the underlying hardware and operating system and encapsulated in a virtual environment, which can run on any compatible hardware and operating system. With application virtualization, the application is installed and configured on a virtual machine, which can then be replicated and distributed to multiple end-users. For example, users can run a Microsoft Windows application on a Linux machine without changing the machine configuration. According to a report, the global application virtualization market size is predicted to grow from USD 2.2 billion in 2020 to USD 4.4 billion by 2025, at a CAGR of 14.7% during the period of 2020-2025. (Source: MarketsandMarkets) 2.6 Desktop virtualization In desktop virtualization, a single physical machine can host multiple virtual machines, each with its own operating system and desktop environment. Users can access these virtual desktops remotely through a network connection, allowing them to work from anywhere and on any device. Desktop virtualization is commonly used in enterprise settings to provide employees with a secure and flexible way to access their work environment. The desktop virtualization market is anticipated to register a CAGR of 10.6% over the forecast period (2018-28). (Source: Mordor Intelligence) 3. Impact of Virtualized VMs on Business Enterprises Virtualization can increase the adaptability of business processes. The servers can support different operating systems (OS) and applications as the software is decoupled from the hardware. Business processes can be run on virtual computers, with each virtual machine running its own OS, applications, softwares and set of programs. 3.1 Virtualization as a Game-Changer for Business Models The one server, one application model can be abolished using virtualization, which was inefficient because most servers were underutilized. Instead, one server can become many virtual machines using virtualization software, each running on a different operating system such as Windows, Linux, or Apache. Virtualization has made it possible for companies to fit more virtual servers onto fewer physical devices, saving them space, power, and time spent managing them. The adoption of virtualization services is significantly increased by industrial automation systems. Industrial automation suppliers offer new-generation devices to virtualize VMs and software-driven industrial automation operations. This will solve problems with important automation equipment like Programmable Logic Controller (PLCs) and Distributed Control Systems (DCS), leading to more virtualized goods and services in industrial automation processes. 3.2 Evaluating IT Infrastructure Reformation IT infrastructure evaluation for virtualization needs to look at existing systems and processes along with finding opportunities and shortcomings. Cloud computing, mobile workforces, and app compatibility cause this growth. Over the last decade, these areas have shifted from conventional to virtual infrastructure. • Capacity on Demand: It is a concept that refers to the ability to quickly and easily deploy virtual servers, either on-premise or through a hosting provider. This is made possible through the use of virtualization technologies. These technologies allow businesses to create multiple virtual instances of servers that can be easily scaled up or down as per the requirement, providing businesses with access to IT capacity on demand. • Disaster Recovery (DR): DR is a critical consideration in evaluating IT infrastructure reformation for virtualization. Virtualization technology enables businesses to create virtual instances of servers that run multiple applications, which eliminates the need for robust DR solutions that can be expensive and time-consuming to implement. As a result, businesses can save costs by leveraging the virtual infrastructure for DR purposes. • Consumerization of IT: The consumerization of IT refers to the increasing trend of employees using personal devices and applications in their work environments. This has resulted in a need for businesses to ensure that their IT infrastructure can support a diverse range of devices and applications. Virtual machines enable businesses to create virtual desktop environments that can be accessed from any device with an internet connection, thereby providing employees with a consistent and secure work environment regardless of their device. 3.3 Virtualization Impact on Business Agility Virtualization has emerged as a valuable tool for enhancing business agility by allowing firms to respond quickly, efficiently, and cost-effectively to market changes. By enabling rapid installation and migration of applications and services across systems, the migration to the virtualized systems has allowed companies to achieve significant operational flexibility, responsiveness, and scalability gains. According to a poll conducted by Tech Target, 66% of the firms have reported an increase in agility due to virtualization adoption. This trend is expected to rise, driven by growing demand for cost-effective and efficient IT solutions across various industries. In line with this, a comprehensive analysis has projected that the market for virtualization software was estimated to be worth USD 45.51 billion in 2021. It is anticipated to grow to USD 223.35 billion by 2029, with a CAGR of 22.00% predicted for the forecast period of 2022–2029, including application, network, and hardware virtualization. (Source: Data Bridge) This is primarily attributed to the growing need for businesses to improve their agility and competitiveness by leveraging advanced virtualization technologies and solutions for applications and servers. 4. How can Businesses Scale ROI with Adoption of Virtualization in Virtual Machines? Businesses looking to boost their ROI have gradually shifted to Virtualizing VMs, in the past years. According to a recent study, VM virtualization helps businesses reduce their hardware and maintenance costs by up to 50%, significantly impacting their bottom line. Server consolidation helps reduce hardware costs and improve resource utilization, as businesses allocate resources, operating systems, and applications dynamically based on workload demand. Utilizing application virtualization, in particular, can assist businesses in optimizing resource utilization by as much as 80%. Software-defined Networking (SDN) allows new devices, some with previously unsupported operating systems, to be more easily incorporated into an enterprise’s IT environment. The telecom industry can greatly benefit from the emergence of Network Functions Virtualization (NFV), SDN, and Network Virtualization, as these technologies provide significant advantages. The NFV idea virtualizes and effectively joins service provider network elements on multi-tenant industry-standard servers, switches, and storage. To leverage the benefits of NFV, telecom service providers have heavily invested in NFV services. By deploying NFV and application virtualization together, organizations can create a more flexible and scalable IT infrastructure that responds to changing business needs more effectively. 5. Risks and Challenges of Virtual Machines in the Cloud 5.1 Resource Distribution: Resource availability is crucial when running applications in a virtual machine, as it leads to increased resource consumption. The resource distribution in VMs is typically managed by a hypervisor or virtual machine manager responsible for allocating resources to the VMs based on their specific requirements. A study found that poor resource management can lead to overprovisioning, increasing cloud costs by up to 70%. (Source: Gartner) 5.2 VM Sprawl: 82% of companies experienced VM sprawl, with the average organization having 115% more VMs than they need, as per a survey. (Source: Veeam) VM sprawl can occur in virtualization when an excessive proliferation of virtual machines is not effectively managed or utilized, leading to many underutilized or inactive VMs. This can lead to increased resource consumption, higher costs, and reduced performance. 5.3 Backward Compatibility: Backward compatibility can be particularly challenging in virtualized systems, where applications may run on multiple operating systems than they were designed for. A recent study showed that 87% of enterprises have encountered software compatibility issues during their migration to the cloud for app virtualization. (Source: Flexera) 5.4 Conditional Network Monitoring: A study found that misconfigurations, hardware problems, and human error account for over 60% of network outages. (Source: SolarWinds) Network monitoring tools can help organizations monitor virtual network traffic and identify potential network issues affecting application performance in VMs. These tools also provide visibility into network traffic patterns, enabling IT teams to identify areas for optimization and improvement. 5.5 Interoperability: Interoperability issues are common when implementing cloud-based virtualization when integrating the virtualized environment with other on-premises or cloud-based systems. According to a report, around 50% of virtualization projects encounter interoperability issues that require extensive troubleshooting and debugging. (Source: Gartner) 6. Overcoming Roadblocks: Best Practices for Successful Execution of VMs 6.1 Unlocking the Power of Resource Distribution: By breaking up large, monolithic applications into smaller, more manageable components, virtualizing allows organizations to distribute resources effectively, enabling its users with varying needs to utilize the resources with optimum efficiency. With prioritizing resource distribution, resources such as CPU, memory, and storage can be dynamically allocated to virtual machines as needed. Businesses must frequently monitor and evaluate resource utilization data to better resource allocation and management. 6.2 Effective techniques for Avoiding VM Sprawl: VM sprawl can be addressed through a variety of techniques, including VM lifecycle management, automated provisioning, and regular audits of virtual machine usage. Tools such as virtualization management software, cloud management platforms, and monitoring tools can help organizations gain better visibility and control over their virtual infrastructure. Monitoring applications and workload requirements as well as establishing policies and procedures for virtual machine provisioning & decommissioning are crucial for businesses to avoid VM sprawl. 6.3 Backward Compatibility: A Comprehensive Solution: One of the solutions to backward compatibility challenges is to use virtualization technologies, such as containers or hypervisors, that allow older applications to run on newer hardware and software. Another solution is to use compatibility testing tools that can identify potential compatibility issues before they become problems. To ensure that virtual machines can run on different hypervisors or cloud platforms, businesses can implement standardized virtualization architectures that support a wide range of hardware and software configurations. 6.4 Performance Metrics: Businesses employing cloud-based virtualization must have reliable network monitoring in order to guarantee the best possible performance of their virtual workloads and to promptly detect and resolve any problems that may affect the performance. Businesses can improve their customers' experience in VMs by implementing a network monitoring solution that helps them locate slow spots, boost speed, and avoid interruptions. 6.5 Solutions for Interoperability in a Connected World: Standardized communication protocols and APIs help cloud-based virtualization setups to interoperate. Integrating middleware like enterprise service buses (ESBs) can consolidate system and application management. In addition, businesses can use cloud-native tools and services like Kubernetes for container orchestration or cloud-native databases for interoperability in virtual machines. 7. Five Leading Providers for Virtualization of VMs Aryaka Aryaka is a pioneer of a cloud-first architecture for the delivery of SD-WAN and, more recently, SASE. Using their proprietary, integrated technology and services, they ensure safe connectivity for businesses. They are named a Gartner ‘Voice of the Customer leader’ for simplifying the adoption of network and network security solutions with organization standards for shifting from legacy IT infrastructure to various modern deployments. Gigamon Gigamon provides a comprehensive network observability solution that enhances observability tools' capabilities. The solution helps IT organizations ensure security and compliance governance, accelerate the root-cause analysis of performance issues, and reduce the operational overhead of managing complex hybrid and multi-cloud IT infrastructures. Gigamon's solution offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. Liquidware Liquidware is a software company that offers desktop and application virtualization solutions. Their services include user environment management, application layering, desktop virtualization, monitoring and analytics, and migration services. Using these services, businesses can improve user productivity, reduce complexity in managing applications, lower hardware costs, troubleshoot issues quickly, and migrate to virtualized environments efficiently. Azul Azul offers businesses Java runtime solutions. Azul Platform Prime is a cloud-based Java runtime platform that provides enhanced performance, scalability, and security. Azul provides 24/7 technical support and upgrades for Java applications. Their services improve Java application performance, dependability, and security for enterprises. Azul also provides Java application development and deployment training and consultancy. 8. Conclusion Virtualization of VMs in businesses boosts their ROI significantly. The integration of virtualization with DevOps practices could allow for more streamlined application delivery and deployment, with greater automation and continuous integration, thus achieving greater success in current competitive business landscape. We expect to see more advancements in developing new hypervisors and management tools in the coming years. Additionally, there will likely be an increased focus on security and data protection in virtualized environments, as well as greater integration with other emerging technologies like containerization and edge computing. Virtualization is set to transform the business landscape in future by facilitating the effective and safe deployment and management of applications as technology advances and new trends emerge. The future of virtualization looks promising as it continues to adapt to and revolutionize the changing needs of organizations, streamlining their operations, reducing carbon footprint, and improving overall sustainability. As such, virtualization will continue to be a crucial technology for businesses seeking to thrive in the digital age.

Article | April 17, 2020

Researchers have published the details of an investigation into CVE-2020-3952, a major vulnerability in VMware's vCenter that was disclosed and patched on April 9. The flaw was given a CVSS score of 10. CVE-2020-3952 exists in VMware's Directory Service (vmdir), which is a part of VMware vCenter Server, a centralized management platform for virtualized hosts and virtual machines. Through vCenter Server, the company says, an administrator can manage hundreds of workloads. The platform uses single sign-on (SSO), which includes vmdir, Security Token Service, an administration server, and the vCenter Lookup Service. Vmdir is also used for certificate management for the workloads vCenter handles.