Make micro-segmentation work for you: A collection of customer stories

The Current Model is Broken 3. Attacks are taking a bigger toll. The cost of data breaches to companies also continues to increase, according to the Ponemon Institute. Network security breaches are more and more common and are effecting people in all areas. They’ve hit business sectors from retail and financial to healthcare and government. They impact the world’s largest and most sophisticated organizations, as well as smaller firms. Average Cost of Data Breach The cost of a data breach can easily reach millions or hundreds of millions of dollars. It can include forensic experts, in-house investigations, loss of customers, lower customer acquisition rates and free credit or identity monitoring subscriptions to bolster trust. If the security breach succeeds in stealing valuable customer or employee information, the costs are virtually incalculable. While the news reports alone show current strategies are not working, other data supports that conclusion as well: $3 $3.5 2013 2014 million million Figure 1: Cost of Data Breach Study 2014, Ponemon Institute, 2014 Complex security mechanisms like physical firewalls that protect the perimeter, are not enough to adequately protect data centers. Physical devices can’t be everywhere at once: It’s simply too complicated and expensive to locate firewalls everywhere in the data center. And once malware is behind the firewall, it can easily move from workload to workload. This lateral movement is possible because of a lack of sufficient internal network controls to regulate sever-to-server, or east-west network traffic. 1. Companies continue to invest heavily in security. In the U.S. alone, companies are collectively spending billions on security every year — and significantly boosting their annual security spending. 2. Attacks continue to be successful. The average company experiences two successful attacks each week, according to a global survey by PriceWaterhouseCoopers1. 1. G lobal State of Information Security Survey 2015, PriceWaterhouseCoopers, 2014 1 It’s time for a new approach. Micro-segmentation, enabled by VMware NSX, is a breakthrough model for data center security. Network security policies are enforced by firewall controls integrated into the hypervisors that are already distributed throughout the data center. This enables security that is both ubiquitous and granular. Security policies can also be changed more easily — even automatically — and adapt dynamically to changes in workloads. See how these organizations have used VMware NSX micro-segmentation to gain: • Improved security • Improved agility • Improved flexibility Network Virtualization Makes Micro-segmentation Possible VMware® NSX™, the network virtualization platform for the Software-Defined Data Center, creates a virtual network that is independent of the underlying IP network hardware. IT can simply treat the physical network as a pool of transport capacity. Much like the server virtualization model, a “network hypervisor” reproduces Layer 2 to Layer 7 networking services in software. These services can be assembled in any combination in a matter of seconds — to produce a new network configuration. You can programmatically create, provision, snapshot, delete and restore complex networks. Micro-segmentation lets you secure traffic between VMs, as well as between VMs and physical hosts. Create and apply security policies down to the level of virtual network interface cards. And policies will automatically move with the workload, even if the physical IP address changes. With micro-segmentation it’s even easier to integrate other types of security products into the data center than with physical security. 2
Please complete the form to gain access to this content