VMware

Currently, most  virtualized environments are secured through the use of air gaps.  The air gap security model segregates applications in different trust zones on dedicated virtualized hosts with layers of security – usually involving firewalls, load balancers, and VPNs – protecting the interconnections that span the air gaps.  This model is effective, but it does not scale well when you have a larger virtualized environment or want to move to the cloud.  A new security model is needed for the cloud.

VMware is the only vendor that is addressing the security requirements for cloud computing, with solutions that allow customers to move from the traditional “air gap” security model to a “mixed trust” model that is more flexible, cost effective and can scale effectively for the cloud .

Competitors such as Microsoft, Citrix, Red Hat and Oracle are still promoting security solutions that are based on traditional physical security paradigms.  Only VMware is rethinking this old methodology to come up with a more efficient, less complex way to manage security .Only VMware, with the vShield 5 suite of security solutions, uses virtualization-aware technology to address the important concerns for security and compliance in the cloud head-on.  With vShield, customers are able to:

  • Simplify datacenter security without compromise
  • Deploy a better security model that scales for cloud computing
  • Continuously assess and automate compliance requirements

Simplified Security without Compromise

Most security solutions in a virtual environment (including the ones supported by Microsoft, Citrix and Red Hat) consist of multiple components that must be managed – such as the network, firewall, and load balancer, as well as the application itself.  Each component is managed by different experts within the IT organization and multiple point solutions are required.

" VMware has the best security vision for virtual environments"

- Time for VMware to drag the security industry kicking and screaming into virtualization - (Computerworld, September 2010)

With vShield, VMware has pioneered a new way to manage virtual security that is both centralized and well-defined.  All security management and deployment can be controlled through vCenter – a single pane of glass solution for all vShield components.  The role-based access controls let different experts in the IT team have different views and access to the environment  with a clear separation of roles and responsibilities.  Finally, with vShield App and vShield Edge, security is embedded into a single virtual appliance, eliminating expensive hardware.

VMware vShield improves operational efficiency and is less complex than traditional security solutions

  Other Virtualization Vendors Limited to Traditional Security Tools VMware vShield Security Model
Policy Frameworks
Multiple rules
  • Separate policies and rules defined for each component of the datacenter:
    • Hosts, networking, applications, data and endpoint
Simple, single pane of glass
  • Distinct components are integrated into a single management framework
  • vShield Manager provides a central command center
IT Roles and Responsibilities
Multiple IT groups involved
  • Multiple stakeholders involved in security planning
  • Roles overlap, adding complexity and confusion
Clear distribution of roles
  • Role-based access provides clear separation of workflows for virtualization and security admins
  • Flexibly delegate administrative tasks across resource pools and security groups
Hardware Security Solutions
Multiple physical solutions
  • Patchwork of multiple point solutions:
    • Firewalls
    • VPNs
    • Load Balancers
  • Each device managed separately
  • Capacity limited by hardware appliance ports
  • Increased cost and complexity
Single virtual appliance
  • Built-in VPN, load balancer, NAT, DHCP and firewall
  • Centralized and integrated management
  • Lower cost
  • Simplifies overall management