The New Reality of Data Center Security

Microsegmentation redefines enterprise security

It seems every few days, a new, high profile data breach dominates the headlines. Tens of millions of user accounts hacked, 40 million credit card numbers leaked, customer names and addresses posted to forums: This is the reality of today’s cybersecurity landscape.

One of the oldest approaches to security both outside and within the realm of IT is compartmentalization. You don’t put all your eggs in one basket, and you don’t entrust the security of your data center solely to a perimeter firewall. Network World dubbed this approach “crustacean security“ way back in 2007.

The idea of using network microsegmentation to limit lateral traffic isn’t new, but until recently, it was never feasible. Even if you blanketed your data center with a legion of hardware firewalls, there’d be no way to operationalize them, and the costs would be astronomical. Until now. Why?

The advantages of a software-defined data center (SDDC) are well established. They include service delivery speed, operational efficiency, reduced hardware dependency and lower cost. But increasingly, customers are taking advantage of network virtualization in the software-defined data center to take IT security to another level.   The IT teams at WestJet, Medtronic, , Synergent Umpqua Bank and others are all transforming their data center security architecture through a concept known as micro-segmentation enabled by the VMware NSX network virtualization platform.

From the Drawing Board to the Boardroom

Network security isn’t just the purview of system administrators and IT decision makers anymore—it’s become an integral aspect of corporate strategy.

“With weekly announcements of major breaches, the risk of exposing intellectual property or sensitive customer data is now a Board-level discussion for our customers,” said Chris King, vice president of product marketing, networking and security business at VMware.

If companies like Target and Bank of America are any indication, existing security architecture simply isn’t up to the challenge. To its credit, BofA calls software-defined data centers the future, but on the other hand, that statement also implies that they are not part of the present yet. Make no mistake—the software-defined data center has arrived, it’s just a matter of embracing it now.

Leading the Way

Oregon-based Umpqua Bank didn’t necessarily set out to become an IT trailblazer, but when its IT team decided to bring several outsourced services in-house, they opted for a microsegmentation-based security strategy using VMware NSX.

“Just being compliant isn’t enough – having the highest possible level of security protection in place is vital for us and for our customers,” said Sam Guidice, Manager of Infrastructure Systems at Umpqua Bank. “Microsegmentation with VMware NSX lets us adopt a powerful Zero Trust approach with our infrastructure, quickly and cost effectively. Microsegmentation-based security wouldn’t have been financially or operationally feasible without VMware NSX.”

Through NSX, Umpqua Bank was able to deploy security controls within their data center network, rather than simply at the perimeter. With a hardware-centric approach, this would have been practically and economically impossible.

“Umpqua’s experience is a great example of how the smartest organizations are turning to software-defined innovation to address the increased pace of business while managing risk,” King said. “VMware NSX helps Umpqua be fast, agile and secure.”

A number of organizations are now leveraging VMware NSX for this very use case and redefining the meaning of enterprise security in the process. SDDC benefits like automated provisioning, remote management and orchestration – well, those are just the cherry on top.