Escolar Documentos
Profissional Documentos
Cultura Documentos
#SEC5889
Objective
Identify specific use cases that highlight the value of advanced
visibility with simplified workflows
Common
Control
Frameworks
Infrastructure
Requirements
Security Architect
4
Access Control
Segmentation
Automation
Audit
Do we have
this malicious
software
running?
PCI Auditors
in the
house are
we
compliant?
High severity
vulnerabilities on
critical business
systems must
patch!
I need this.
Yikes.
Security
Architect
VI Admin /
Cloud Operator
Agenda
Security Operations Is Catching Up with Policy
Prerequisites To Enforcing Policy Visibility
NSX Activity Monitoring Provides Advanced Visibility to
Users and Applications
Next Steps
7
Security
Architect
DEFINE
MONITOR
ENFORCE
VI Admin /
Cloud Operator
8
VI Admin /
Cloud Operator
Security
Architect
VI Admin /
Cloud
Operator
Compliant.
Easy.
VI Admin /
Cloud
Operator
10
Security
Architect
I found
something
fishy.
Yup. Can
you block
this
Sure, No
problem
VI Admin /
Cloud Operator
11
Security
Architect
Agenda
Next Steps
12
Security
Architect
DEFINE
MONITOR
VI Admin /
Cloud Operator
NSX Service
Composer
ENFORCE
NSX Firewall
Any Application
(without modification)
Built-In Services
Virtual Networks
Logical
Logical
Load Balancer
VPN
Logical L2
Logical L3
Any Hypervisor
Visibility
Automation
14
Security
Architect
DEFINE
VI Admin /
MONITOR Cloud
Operator
NSX Service
Composer
NSX Activity
Monitoring
ENFORCE
NSX Firewall
Any Application
(without modification)
Built-In Services
Virtual Networks
Logical
Logical
Load Balancer
VPN
Logical L2
Logical L3
Any Hypervisor
Visibility
Automation
16
AD Group
User: Joe
AD Group
Security
Group
Desktop
Pool
Security
Group
17
Agenda
Security Operations Is Catching Up with Policy
Prerequisites To Enforcing Policy Visibility
NSX Activity Monitoring Provides Advanced Visibility to
Users and Applications
Next Steps
18
MONITOR
In other words..
corporate servers
19
Monitor
Enforce
Policy Category
Challenges
20
Monitor
Enforce
Doctors
Nurses
Financ
e
Requirements
21
Accounting
Servers
on user identity
Demo
UI Introduction
22
Demo
Verify EPIC Access
24
Demo
Block Finance access to EPIC Servers
26
Agenda
Security Operations Is Catching Up with Policy
Prerequisites To Enforcing Policy Visibility
NSX Activity Monitoring Provides Advanced Visibility to
Users and Applications
Next Steps
28
Monitor
Policy Category
Challenges
Visibility into all data center
applications
Monitor
Enforce
DB Administrators
HR
Requirements
ODBC HTTP
ODBC
WEB
APP
DATABASE
30
Demo
User Access to Applications
31
32
Demo
Inbound Application Access
33
Agenda
Security Operations Is Catching Up with Policy
Prerequisites To Enforcing Policy Visibility
NSX Activity Monitoring Provides Advanced Visibility to
Users and Applications
Next Steps
35
Monitor
Policy Category
Acceptable use of
Enforce
Challenges
36
Monitor
HR
Enforce
Requirements
HTTPS
WEB
APP
DATABASE
37
Demo
VM Activity
38
AD Group
App Name
Source
Originating
VM Destination
Destination
Name
VM Name
Eric
172.16.254.1
Engineering
iexplorer.exe
Windows172.16.112.2
7
Apache Server
With
Activity
Today
Monitoring
Eric Frost
SVM
VM Tools
Compute
41
Active Directory
NSX
Mgr
Management
Gateway
Source IP
Destination IP
192.168.10.75
192.168.10.78
Agenda
Security Operations Is Catching Up with Policy
Prerequisites To Enforcing Policy Visibility
NSX Activity Monitoring Provides Advanced Visibility to
Users and Applications
Next Steps
42
I will.
Security
Architect
43
VI Admin /
Cloud
Operator
THANK YOU
Related Sessions
NET5847 - NSX: Introducing the World to VMware NSX
SEC5749 - Introducing NSX Service Composer: The New
Consumption Model for Security Services in the SDDC
45
SEC5889
Troubleshooting and Monitoring NSX Service
Composer Policies
Shubha Bheemarao, VMware
Mitchell Christensen, VMware
#SEC5889