NETWORK VIRTUALIZATION AND SECURITY
The large number of different attack types and their constant evolution make protecting the corporate network a real challenge. Responding to this challenge requires protecting the data center whether threats come from the Internet, from the corporate network or from within the data center itself.
About the solution
Existing software-defined data centers (SDDCs) based on the VMware NSX solution provide numerous benefits for ease of management and raise the level of security in data centers. The solution provides full functionality and control over network traffic, regardless of the network hardware. Network services are executed at the level of the physical host's hypervisor, which is why all processes are automated and the solution itself scales easily. NSX brings a revolutionary level of security, using the principle of micro-segmentation and a distributed firewall, which allows security policies to be created at the level of a single virtual machine. This approach creates a so-called zero trust network, in which only explicitly defined traffic is forwarded within the data center.
The NSX network virtualization platform enables networks to be created, modified and deleted programmatically, while the underlying physical network is used only as transport capacity. Network and security services are distributed in software to the hypervisors and are bound to a particular virtual machine in accordance with its security policy. If a VM migrates to another physical server, its security policy moves with it, whether that server is in the same data center or elsewhere.
NSX, as a solution supported by different hypervisors, manages the virtual switches that are already present in server hypervisors. In addition, NSX coordinates network services for each virtual machine connected to a virtual network. Just as a virtual machine is a software container that represents a logical compute resource for an application, a virtual network is a software container that represents logical network services that require only the transport network on the layer below.