Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
|
|
- Elmer Small
- 6 years ago
- Views:
Transcription
1 ADV1587BU NSX + Horizon: A Security Architecture for Delivering Desktops and Applications with VMware Wade Holmes Graeme Gordon VMworld 2017 Content: Not for publication #VMworld #ADV1587BU
2 Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally available product. Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery. Pricing and packaging for any new technologies or features discussed or presented have not been determined. #ADV1587BU CONFIDENTIAL 2
3 Agenda 1 Today s Landscape 2 How Horizon Can Help 3 Why NSX? 4 Protecting Infrastructure 5 Identify Based Firewall 6 Getting Started #ADV1587BU CONFIDENTIAL 3
4 Attacks and Attackers Have Become More Sophisticated Organized crime VMworld 2017 Content: Not for Insiders publication Cyber terrorists/ hacktivists Nation states ADVANCED PERSISTENT THREATS WEAPONIZATION OF CYBERSPACE #ADV1587BU CONFIDENTIAL 4
5 How Can Horizon Help?
6 Secure Desktops, Apps and Data with Horizon 7 Access & Authentication Network Security Centrally Delivered & Controlled VMworld 2017 Just-in-Time Desktops Content: Not for publication App Lifecycle Management Profile & Smart Policies #ADV1587BU CONFIDENTIAL 7
7 Data Centralization Collapse Branch Infrastructure File servers, servers, application servers. Data Sharing Reduce data replication Lower risk of out of date data being used in error. Data Backup (and recovery) Simplified by being centralized Enabled more advanced DR strategies ediscovery Eases auditing effort Proactive Response to Security Incidents Simplified and consistent patching #ADV1587BU CONFIDENTIAL 9
8 Just-in-Time Desktops With innovative technologies like Instant Clones, User Environment Management and App Volumes - Horizon ensures that IT can streamline desktop and application management like never before, providing employees with truly stateless desktops. or Drive Down Storage Costs by >30% Deliver Apps Instantly distribution Streamline OpEX by >50% #ADV1587BU CONFIDENTIAL 11
9 OS and Application Patching in the Physical World Risk of Configuration Drift Ensure that all desktops receive proper patches Assessment Which patches are needed on which systems? 32-bit vs. 64-bit? Microsoft vs. third party, etc.? Scheduling When will patches be deployed to each system? Deployment Ensure that each system receives the proper set of patches and that they are properly executed. Reboot Many patch deployments require reboots. Rescan Reassess the machines post-reboot to make sure they were fully patched. #ADV1587BU CONFIDENTIAL 12
10 OS and Application Patching with Horizon 7 Controlled and Consistent Patch the Master VM and update the pool. All desktops are in known state. Patch level controlled by Admin Can include the latest anti-malware definitions. Can include application updates/ patches Can restore pool to a last good state as well as remediation in case of Malware. Master VM 2 1 Datastore 1 Replica 1 Replica Desktops #ADV1587BU CONFIDENTIAL 13
11 App Volumes Managed Application Containers Data / Files Applications Settings AppStack AppStack Writable Volume App Volumes Agent OS OS Traditional Just-in-Time App Model #ADV1587BU CONFIDENTIAL 14
12 Smart Policies Overview Customize desktop features Features include: Clipboard Cut/Paste Client Drive Redirection USB Printing Bandwidth Profile Conditional policies based on: User Identity Location Pool Name etc. VMworld 2017 Benefits Secures the desktop or application based on the user s identity or location. Re-evaluate conditions during the session. Streamlined desktop experience a single desktop image can be easily customized based on flexible policies. Content: Not for publication #ADV1587BU CONFIDENTIAL 15
13 Unified Access Gateway Provides secure remote access for users to access: Various edge services. Resources within the corporate network. Deployed in DMZ or Cloud tenants Hardened appliance running SLES 12 Linux Compliance and certifications (FIPS/ CC) DMZ Authentication Smart Card Support Certificate SAML Pass-Thru support RADIUS / SecurID Support Supports multiple use cases: Horizon Reverse Proxy (Identity Manager) VMware Tunnel (Per App Tunnel & Proxy services) Identity Bridging Content Gateway (upcoming release) #ADV1587BU CONFIDENTIAL 16
14 NSX and Horizon
15 Traditional Client Computing Traffic is only North-South Networking is simple and only north-south. Threat pattern is north-south. Straightforward protection scenario. Security via DMZ zones at the edge. Data at Rest is the primary concern Mission-critical data on endpoint local storage. Common motivator for desktop virtualization. Organizations implement desktop virtualization to: VMworld 2017 Content: Not for Optimize Compute and Storage resources. Secure data at rest (moved to data center). Exert better control over north-south threats Data Center publication #ADV1587BU CONFIDENTIAL 18
16 Desktop & Application Virtualization Benefits Desktop and App virtualization places O/S, Applications and Data in the data center WWW WWW Other Users Virtual Desktop SAP, Oracle Exchange, etc. Enterprise Storage Avoid loss of data sitting on devices (device loss, theft, damage) Unauthorized access to sensitive applications installed on devices Reduced branch infrastructure footprint (file/print/ servers etc.) Conducive to efficient, centralized backup Centralized patching against vulnerabilities #ADV1587BU CONFIDENTIAL 19
17 Current Challenges in the Data Center Large attack surface within the data center Multiple, discrete east-west flows between desktops and infrastructure Data Center WWW EAST VMworld 2017 Other Users Virtual Desktop WEST SAP, Oracle Exchange, etc. Enterprise Storage User behaviors Zero-day threats Compromised internet websites Content: Not for publication Desktop-to-desktop hacking Desktop-to-server hacking #ADV1587BU CONFIDENTIAL 20
18 Securing East-West within VDI Environments Organizations with focus on compliancy and risk mitigation will implement security zones to protect East-West flows within the data center. Hard to implement Lots of physical infrastructure required Complex to manage VMworld 2017 PCI Zone Remote workforce Zone Shared svcs DB Zone Corp Zone Dev Zone Eng Zone Centralized Virtual Desktops Content: Not for publication DMZ Admin Zone Financial Zone #ADV1587BU CONFIDENTIAL 21
19 Traditional Networking & Security is complex! Internet DMZ Remote workforce Zone Shared svcs DB Zone Centralized Virtual Desktops Corp Zone Dev Zone Eng Zone Internal Networks PCI Zone Admin Zone Financial Zone #ADV1587BU CONFIDENTIAL 22
20 More Efficient Firewalls with NSX East-West Firewalling / Same host East-West Firewalling / Host to host Before NSX With NSX Before NSX Distributed Virtual Firewall Nexus 7000 Nexus 7000 UCS Fabric A UCS Fabric B UCS Blade 1 vswitch UCS Fabric A UCS Blade 1 NSX vswitch UCS Fabric B Nexus 7000 vswitch vswitch With NSX Distributed Virtual Firewall Nexus 7000 UCS Fabric A UCS Fabric B UCS Fabric A UCS Fabric B UCS Blade 1 UCS Blade 2 UCS Blade 1 UCS Blade 2 NSX vswitch 6 wire hops 0 wire hops 6 wire hops Fewer hops, more efficient and precise VM networking 2 wire hops #ADV1587BU CONFIDENTIAL 23
21 NSX for Horizon VDI Deployment Micro-segmentation Edge Services Network Virtualization Internal Developer Pool External Developer Pool Desktop to Desktop control Desktop to Enterprise App control Security Services e.g. Agentless AV, NGFW, IPS Load balancing, Edge firewall NAT VPN Horizon Infra Internal Developer Network External Developer Network Allows for elasticity and agility to spin up/down new pools or expand existing #ADV1587BU CONFIDENTIAL 24
22 Segmentation of a Horizon Environment Protecting Horizon Infrastructure Horizon Components (Connection Servers, Unified Access Gateway, View Composer, vcenter) External world to Horizon components control VMworld 2017 Access control between various Horizon components Protecting Desktop Pools Internal Developer Pool External Developer Pool Desktop to Desktop control Desktop to Enterprise App control 3 rd party Security Services e.g. Agentless AV, NGFW, IPS User based access control. Web Internal Developer Pool Content: Not for publication App 3 Tier Enterprise App Identity Firewall (IDFW) AD Group Based #ADV1587BU CONFIDENTIAL 25 DB
23 Protecting Infrastructure
24 VMware Horizon Architecture Overview SaaS, Mobile Apps VMware Identity Manager User Workspace Virtualized Apps (ThinApps) Unified Access Gateways Windows 10 Instant Clone VMware Horizon View Linux Clone Horizon Connection Servers Virtual Desktop Pools Windows 10 3D Desktop View Composer Hosted RDS Desktops & Apps Horizon Clients Applications (VMware App Volumes) User Environment IT Settings User Profile Core Infrastructure vrealize Operations for Horizon vcenter Server Database (SQL) Active Directory VMware vsphere + NSX + VSAN #ADV1587BU CONFIDENTIAL 27
25 #ADV1587BU CONFIDENTIAL 28
26 Easy Service Definition #ADV1587BU CONFIDENTIAL 29
27 Micro-Segmentation Sample Configuration Infrastructure Rules Desktop and Application Rules #ADV1587BU CONFIDENTIAL 30
28 Identity Based Firewall Policy driven micro-segmentation of the user
29 VMware NSX Identity Based Firewall Rules (IDFW) DFW offers Identity Based Firewall (IDFW) functionalities: Specific AD security groups of users can be used to create DFW rules DFW rules are defined based on Active Directory (AD) membership (e.g. doctors or surgeons group): Define a NSX Security Group that contains an AD security group and apply it as the source of the DFW policy rule Users can use physical or virtual systems that have been joined to the AD Domain as the source Destination system must be a VM. Policy Rule: Source Destination Service Action Doctors (security group) Patient Record Servers Any Allow Any Any Any Deny #ADV1587BU CONFIDENTIAL 32
30 VMware NSX Identity Based Firewall Rules & EUC Before NSX All Desktops on a VLAN can communicate freely. Once one Desktop is compromised, lateral movement cannot be restricted. With NSX Micro-segmentation can granularly control desktops even on shared VLAN. User/Group based Access Control Control VDI to Apps access using NGFW redirection when needed. VMworld 2017 Files HR Finance SharePoint Network Content: Not for publication Bob (HR) Human Resources Jennifer (Finance) Finance #ADV1587BU CONFIDENTIAL 33
31 Secure Just in Time Desktops Sales Admin Developer Stateless desktop Single Pool Role-Based Desktop Creation & Customization Sales Developer Sales Sales Developer Developer Sales Dev. Sales desktop Developer desktop Admin Network Policy from NSX Admin Admin Application Layers from App Volumes Admin Personalization from UEM Admin desktop #ADV1587BU CONFIDENTIAL 34
32 AirWatch Per-App VPN and VMware NSX Device Level VPN App Level VPN App Level VPN Micro Segmentation #ADV1587BU CONFIDENTIAL 35
33 Load Balancing Infrastructure
34 VMware NSX ESG Integrated North South Network Services DDI. Firewall Load Balancer VPN Routing/NAT DHCP/DNS relay VMworld 2017 VM VM VM VM VM Overview Integrated L3 L7 services Virtual appliance model to provide rapid deployment and scale-out Benefits Content: Not for publication Real time service instantiation Support for dynamic services per tenant/application Uses x86 compute capacity #ADV1587BU CONFIDENTIAL 37
35 VMware NSX ESG Load Balancer CS1 CS2 CS3 VMworld 2017 Features UDP, TCP, FTP, HTTP, HTTPS with Stateful HA Multiple Virtual IPs each with separate server pool and configurations Multiple load balancing algorithms Multiple Session Persistence methods Configurable health checks Application Rules SSL Termination with Certificate Management Transparent/Full Proxy Mode IPv6 Support Content: Not for publication Use Cases Per Tenant LB Dynamic VIP for VDI Management #ADV1587BU CONFIDENTIAL 38
36 Connection Servers Load Balancing and External Access External DNS: horizon.domain.com External Users External Load Balancer UAG1 uag1.domain.com UAG2 uag2.domain.com DMZ Internal Users Internal Load Balancer INTERNAL Connection Server 1 horizon1.domain.com Connection Server 2 horizon2.domain.com Internal DNS: horizon.domain.com When resolving horizon.domain.com External Clients get All internal components and clients use #ADV1587BU CONFIDENTIAL 39
37 Partner Integration AV, Endpoint Monitoring
38 Optimized Performance for VDI Environments ESXi SAN Management Network Usage Scan Speed CPU/Memory Usage IOPS Storage #ADV1587BU CONFIDENTIAL 41
39 Optimized Performance for VDI Environments ESXi SAN Scan Cache VMworld 2017 Up to 20X Faster* Full Scans Up to 5X Faster Real-time Scans Content: Not for publication Up to 2X Faster VDI Login Up to 30% More VM density #ADV1587BU CONFIDENTIAL 42
40 NSX Service Insertion and Chaining for VDI Traffic exits guest VM and reaches DFW for processing. If action is set to permit, DFW will forward traffic to filtering module. If the Filtering module allows the traffic to be redirected then, Traffic redirection steers traffic to partner services VM/s Permitted traffic processed by partner services VM is sent to destination. VMworld 2017 Slot 2 Slot 4 vcenter Guest VM DFW Filtering module Partner console Partner services VM Content: Not for publication Distributed Switch (vds) External network #ADV1587BU CONFIDENTIAL 43
41 Example: NSX Service Composer & Third-Party Service Insertion Quarantine Vulnerable Systems until Remediated Policy Definition Standard Policy Anti-Virus Scan Quarantined Policy Firewall Block all except security tools Anti-Virus Scan and remediate Security Group = Standard VMworld 2017 Security Group = Quarantine Members = {Tag = ANTI_VIRUS.VirusFound } Content: Not for publication #ADV1587BU CONFIDENTIAL 44
42 Getting Started First Steps and Resources
43 Horizon + NSX: Benefits Fast and Simple VDI Networking Create, change and manage security policies across all of your virtual desktops with a few easy clicks Automated Policy Provisioning Set policies once, dynamically following users, independent of the network underneath Platform for Advanced Security Comprehensive security from endpoint to desktop, based on user role, protecting O/S, , browser and more NSX for Horizon Delivers Fast, Easy and Extensible Security That Protects Against: User Behaviors Zero-day Threats Compromised Websites Desktop-to-desktop Hacks Desktop-to-server Hacks #ADV1587BU CONFIDENTIAL 46
44 Protecting Horizon with NSX in Simple Steps Install Deploy NSX Manager Appliance Prepare Hosts (Install VIB) Configure Add key VMs to Exclusion List (vcenter VMs) Create and Group Services Create Security Groups Build Distributed Firewall Rules Test #ADV1587BU CONFIDENTIAL 47
45 Achieving Micro-segmentation in Real World Prepare Security Fabric Prepare Hosts for Security Optional: Deploy Security Vendor Management Consoles for advanced services Optional: Deploy security vendor appliances. Monitor Flows Brownfield: Leverage existing knowledge from Perimeter firewalls Use NSX Built-In Application Rule Manager, Flow Monitoring, IPFIX tools Use vrealize Network Insight to analyze traffic flows Integrate VMware Log Insight to analyze syslogs. Determine Policy Model Identify patterns with flows Determine a policy model based on the patterns. Apply Policy Model Determine approach : Firewall Rule Table or Service Composer Policy Model Based on the Policy Model Create grouping models Write Security Policy 48
46 Resources for Starting with NSX Learn Connect & Engage communities.vmware.com NSX Product Page & Technical Resources vmware.com/products/nsx Network Virtualization Blog blogs.vmware.com/networkvirtualization VMware NSX on YouTube youtube.com/user/vmwarensx Design Guide Use VMware NSX for vsphere End-User Computing Design Guide NSX Proactive Support Service Optimize performance based on data monitoring and analytics to help resolve problems, mitigate risk and improve operational efficiency. vmware.com/consulting Experience Take NSX Sessions Spotlights, breakouts, quick talks & group discussions Visit the VMware Booth Use case demos, chat with NSX experts Visit NSX Technical Partner Booths Integration demos Test Drive NSX with free Hands-on Labs Expert-led or Self-paced. labs.hol.vmware.com Training and Certification Several paths to professional certifications. Learn more at the Education & Certification Lounge. vmware.com/go/nsxtraining #ADV1587BU CONFIDENTIAL 50
47
48
49
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SIE2034BE Securing your VMware Horizon Virtualized Apps and Desktop Investments with NSX Satish Yadavalli, General Manager & Global Practice Head Wipro Limited Bhanu Reddy, Practice Manager Wipro Limited
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAI2803BU The Road to Micro- Segmentation with VMware NSX #VMworld #SAI2803BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationDisclaimer CONFIDENTIAL 2
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET3282BE The NSX Practical Path Brian Lazear, Sr. Director, NSX Product Management Brian Muita, CTO, Node Africa #VMworld #NET3282BE Disclaimer This presentation may contain product features that are
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1582BU Solve your Citrix Problems with VMware Technologies Mark Ewert, Lead Technologist, VMware Frank Anderson, EUC Solutions Architect, VMware Dewey Gripshover, Program Manager VDI Tech, GE #VMworld
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1582BE Solve your Citrix Problems with VMware Technologies Nick Jeffries, Senior Solutions Architect, VMware Sebastian Brand, Lead Systems Engineer, VMware #VMworld #ADV1582BE Disclaimer This presentation
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1593BE Horizon Apps and JMP: Technical Deep Dive Barak Nissim Systems Engineer - EUC Practice, VMware Hilko Lantinga Technical Marketing Architect EUC, VMware #VMworld #ADV1593BE Disclaimer This presentation
More informationAudience Profile Experienced system administrators and system integrators responsible for implementing desktop solutions
[VMHICMAVFTV7.3]: VMware Horizon 7: Install, Configure, Manage plus App Volumes Fast Track [V7.3] Length Delivery Method : 5 Days : Instructor-led (Classroom) Course Overview This intensive five-day, extended-hours
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1416BE NSX Logical Routing Yves Hertoghs Pooja Patel #VMworld #NET1416BE Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAI1303BU Security with NSX. Greater Security in the Digital Business Age Alex Berger, NSX Product Marketing #VMworld #SAI1303BU Disclaimer This presentation may contain product features that are currently
More informationNetwork Virtualization Business Case
SESSION ID: GPS2-R01 Network Virtualization Business Case Arup Deb virtual networking & security VMware NSBU adeb@vmware.com I. Data center security today Don t hate the player, hate the game - Ice T,
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1192BE Multisite Networking & Security with Cross-vC NSX Josh Coulling Networking & Security Senior System Engineer #VMworld #NET1192BE Disclaimer This presentation may contain product features that
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
MMC1532BE Using VMware NSX Cloud for Enhanced Networking and Security for AWS Native Workloads Percy Wadia Amol Tipnis VMworld 2017 Content: Not for publication #VMworld #MMC1532BE Disclaimer This presentation
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1510 Introduction to NSX-T Architecture Dimitri Desmidt ddesmidt@vmware.com Andrew Voltmer avoltmer@vmware.com #VMworld #NET1510BU Disclaimer This presentation may contain product features that are
More informationIntroducing VMware Validated Designs for Software-Defined Data Center
Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design 4.0 VMware Validated Design for Software-Defined Data Center 4.0 You can find the most up-to-date technical
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET2415BU Utilizing NSX load balancing for scalability, reliability, and security: Overview, best practices, and customer case study Luke Hoffer Sr. Systems Engineer, VMware Rush Maniar Sr. Product Manger,
More informationIntroducing VMware Validated Designs for Software-Defined Data Center
Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design for Software-Defined Data Center 4.0 This document supports the version of each product listed and supports
More informationThe Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec
The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product
More informationSpeaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec
SIE3197BE Secure Your Windows 10 and Office 365 Deployment with VMware Security Solutions Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel #VMworld #SIE3197BE Speaker Introduction
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1591BU Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and VMware Horizon VMworld 2017 Content: Not for publication Peter Bjork @thepeb & Matt Coppinger @mcopping #VMworld
More informationIntroducing VMware Validated Designs for Software-Defined Data Center
Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design for Software-Defined Data Center 3.0 This document supports the version of each product listed and supports
More informationPractical Path to VMware NSX Nimish Desai - NSBU, VMware
Practical Path to VMware NSX Nimish Desai - NSBU, VMware Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment
More informationNET1846. Introduction to NSX. Milin Desai, VMware, Inc Kausum Kumar, VMware, Inc
NET1846 Introduction to NSX Milin Desai, VMware, Inc Kausum Kumar, VMware, Inc Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationSecuring VMware NSX MAY 2014
Securing VMware NSX MAY 2014 Securing VMware NSX Table of Contents Executive Summary... 2 NSX Traffic [Control, Management, and Data]... 3 NSX Manager:... 5 NSX Controllers:... 8 NSX Edge Gateway:... 9
More informationSymantec and VMWare why 1+1 makes 3
Symantec and VMWare why 1+1 makes 3 Finn Henningsen Principal Systems Engineer Peter Schjøtt Principal Systems Engineer Rasmus Rask Eilersen Principal Systems Engineer Symantec and VMWare 1 Tak til vores
More informationAgenda Introduce NSX-T: Architecture Switching Routing Firewall Disclaimer This presentation may contain product features that are currently under dev
NET1863BE NSX-T Advanced Architecture Concepts Dimitri Desmidt / Yasen Simeonov September 2017 Agenda Introduce NSX-T: Architecture Switching Routing Firewall Disclaimer This presentation may contain product
More informationIntroducing VMware Validated Design Use Cases. Modified on 21 DEC 2017 VMware Validated Design 4.1
Introducing VMware Validated Design Use Cases Modified on 21 DEC 2017 VMware Validated Design 4.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018
REVISED 6 NOVEMBER 2018 Table of Contents Architectural Overview Workspace ONE Logical Architecture GUIDE 2 VMware Workspace ONE Cloud-Based Reference Architecture - Architectural Overview Architectural
More informationTransforming Security Part 2: From the Device to the Data Center
SESSION ID: SP01-R11 Transforming Security Part 2: From the Device to the Data Center John Britton Director, EUC Security VMware @RandomDevice The datacenter as a hospital 3 4 5 Digital transformation
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1522BU Kubernetes Networking with NSX-T Deep Dive #VMworld #NET1522BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationIntroducing VMware Validated Design Use Cases
Introducing VMware Validated Design Use Cases VMware Validated Designs 4.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1522BE Kubernetes Networking with NSX-T Deep Dive Ali Al Idrees Yves Fauser #VMworld #NET1522BE Disclaimer This presentation may contain product features that are currently under development. This overview
More informationDeploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3
Deploying VMware Identity Manager in the DMZ SEPT 2018 VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1949BU Seamless Network Connectivity for Virtual and Bare-metal s with NSX Suresh Thiru Sridhar Subramanian VMworld 2017 Content: Not for publication VMworld 2017 - NET1949BU Disclaimer This presentation
More informationDeploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2
Deploying VMware Identity Manager in the DMZ JULY 2018 VMware Identity Manager 3.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
LHC1753BU Case Study: How VMware NSX Is Empowering a Service Provider to Help Customers Achieve and Maintain Industry Compliance VMworld 2017 Content: Not for publication #VMworld #LHC1753BU Disclaimer
More informationREVISED 1 AUGUST REVIEWER'S GUIDE FOR VMWARE APP VOLUMES VMware App Volumes and later
REVISED 1 AUGUST 2018 REVIEWER'S GUIDE FOR VMWARE APP VOLUMES VMware App Volumes 2.13.1 and later Table of Contents Introduction Audience What You Will Learn Navigating This Document for App Volumes Use
More informationPlanning and Preparation. VMware Validated Design 4.0 VMware Validated Design for Remote Office Branch Office 4.0
VMware Validated Design 4.0 VMware Validated Design for Remote Office Branch Office 4.0 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you
More informationREVISED 1 AUGUST QUICK-START TUTORIAL FOR VMWARE APP VOLUMES VMware App Volumes and later
REVISED 1 AUGUST 2018 QUICK-START TUTORIAL FOR VMWARE APP VOLUMES VMware App Volumes 2.13.1 and later Table of Contents Introduction Audience What You Will Learn Navigating This Document for App Volumes
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
PBO1221BE Beginners Guide to the Software-Defined Data Center Kyle Gleed, Group Manager, Technical Marketing Ben Sier, Staff Architect, Technical Marketing #VMworld #PBO1221BE Disclaimer This presentation
More informationThe Evolution of Data Center Security, Risk and Compliance
#SymVisionEmea #SymVisionEmea The Evolution of Data Center Security, Risk and Compliance Taha Karim / Patrice Payen The Adoption Curve Virtualization is being stalled due to concerns around Security and
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
PBO1295BU VMware Validated Design for Remote/Branch Office Technical Overview VMworld 2017 Content: Not for publication ##VMworld #PBO1295BU Disclaimer This presentation may contain product features that
More informationPaloalto Networks PCNSA EXAM
Page No 1 m/ Paloalto Networks PCNSA EXAM Palo Alto Networks Certified Network Security Administrator Product: Full File For More Information: /PCNSA-dumps 2 Product Questions: 50 Version: 8.0 Question:
More informationDatacenter Security: Protection Beyond OS LifeCycle
Section Datacenter Security: Protection Beyond OS LifeCycle 1 Not so fun Facts from the Symantec ISTR 2017 Report Zero-Day Vulnerability, annual total Legitimate tools, annual total 6,000 5 5,000 4,000
More informationNSX Data Center Load Balancing and VPN Services
NET2761BU NSX Data Center Load Balancing and VPN Services Derek Deukyoon Kang, VMware, Inc. Vinay Reddy, VMware, Inc. #vmworld #NET2761BU Disclaimer This presentation may contain product features or functionality
More informationKaspersky Security for Virtualization Frequently Asked Questions
Kaspersky Security for Virtualization Frequently Asked Questions 1. What is Kaspersky Security for Virtualization, and how does it work with vshield technology? Kaspersky Security for Virtualization for
More informationVMware Cloud Provider Platform
VMware Cloud Provider Platform Enabling your journey to multicloud Winston Benjamin Systems Engineer Cloud Provider Program Disclaimer This presentation may contain product features that are currently
More informationVMWARE HORIZON 7. End-User Computing Today. Horizon 7: Delivering Desktops and Applications as a Service
DATASHEET VMWARE 7 AT A GLANCE 7 delivers virtualized or hosted desktops and applications through a single platform to end users. These desktop and application services including Remote Desktop Services
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
LHC2103BU NSX and VMware Cloud on AWS: Deep Dive Ray Budavari, Senior Staff Technical Product Manager NSX @rbudavari #VMworld #LHC2103BU Disclaimer This presentation may contain product features that are
More informationAgenda Basecamp The Journey So Far Enhancements Into the Fear Zone Climbing The VM-Series Performance Peak New VM-Series Models and Licensing Best Pra
SAI3317BES What s New in Palo Alto Networks VM-Series Integration with VMware NSX A Deep Dive VMworld 2017 Sudeep - Product Line Manager Sai - Product Marketing Content: Not for publication Agenda Basecamp
More informationVMware Horizon Suite:
VMware Horizon Suite: The Platform for Workforce Mobility Ralf von Gunten Sr. Systems Systems Engineer 2010 VMware Inc. All rights reserved Disclaimer This presentation may contain product features that
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
LHC2673BU Clearing Cloud Confusion Nick King and Neal Elinski #VMworld #LHC2673BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
LHC2384BU VMware Cloud on AWS A Technical Deep Dive Ray Budavari @rbudavari Frank Denneman - @frankdenneman #VMworld #LHC2384BU Disclaimer This presentation may contain product features that are currently
More informationKASPERSKY ENDPOINT SECURITY FOR BUSINESS
KASPERSKY ENDPOINT SECURITY FOR BUSINESS 1 WHAT WE SEE TODAY 325,000 New Endpoint Threats per day Targeted attacks and malware campaigns Threat reports Continued Exploitation of Vulnerabilities in 3rd
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationSAS and F5 integration at F5 Networks. Updates for Version 11.6
SAS and F5 integration at F5 Networks Updates for Version 11.6 Managing access based on Identity Employees Partner Customer Administrator IT challenges: Control access based on user-type and role Unify
More informationSecuring VMware NSX-T J U N E 2018
Securing VMware NSX-T J U N E 2018 Securing VMware NSX Table of Contents Executive Summary...2 NSX-T Traffic [Control, Management, and Data]...3 NSX Manager:...7 NSX Controllers:...9 NSX Edge:...10 NSX-T
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
PBO2631BE A Base Design for Everyone s Data Center: The Consolidated VMware Validated Design (VVD) Gary Blake Senior SDDC Integration Architect garyjblake #VMworld #PB02631BE Disclaimer This presentation
More informationTrust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved
Trust in the Cloud Mike Foley RSA Virtualization Evangelist 2009/2010/2011 1 2010 VMware Inc. All rights reserved Agenda How do you solve for Trust = Visibility + Control? What s needed to build a Trusted
More informationZero Trust Security with Software-Defined Secure Networks
Zero Trust Security with Software-Defined Secure Networks Srinivas Nimmagadda and Pradeep Nair Juniper Networks This statement of direction sets forth Juniper Networks current intention and is subject
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationDisclaimer This presentation may contain product features that are currently under development This overview of new technology represents no commitmen
ADV1609BE Any App, Anywhere, Any Device with Blast Extreme Matt Coppinger, VMware John Wilkinson, VMware #VMworld #ADV1609BE Disclaimer This presentation may contain product features that are currently
More informationPRINTED 13 APRIL 2018 NETWORK PORTS IN VMWARE HORIZON 7
PRINTED 13 APRIL 2018 NETWORK PORTS IN VMWARE HORIZON 7 Table of Contents About This Guide Client Connections Internal Connection External Connection Tunneled Connection Virtual Desktop or RDS Host View
More informationEvolution of Data Center Security Automated Security for Today s Dynamic Data Centers
Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco Twitter: @CiscoDCSecurity 2 Any
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationHorizon Console Administration. 13 DEC 2018 VMware Horizon 7 7.7
Horizon Console Administration 13 DEC 2018 VMware Horizon 7 7.7 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this
More informationWHITE PAPER OCTOBER VMWARE NSX WITH CHECK POINT vsec. Enhancing Micro-Segmentation Security
WHITE PAPER OCTOBER 2017 VMWARE NSX WITH CHECK POINT vsec Enhancing Micro-Segmentation Security Table of Contents Executive Summary 3 VMware NSX Network Virtualization Overview 5 East-West Versus North-South
More informationDeploying and Configuring VMware Unified Access Gateway. 04 DEC 2018 Unified Access Gateway 3.4
Deploying and Configuring VMware Unified Access Gateway 04 DEC 2018 Unified Access Gateway 3.4 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationInstalling and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.
Installing and Configuring VMware Identity Manager Connector 2018.8.1.0 (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on
More informationPasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP
Pasiruoškite ateičiai: modernus duomenų centras Laurynas Dovydaitis Microsoft Azure MVP 2016-05-17 Tension drives change The datacenter today Traditional datacenter Tight coupling between infrastructure
More informationVMware Enterprise Desktop Solutions. Tommy Walker Enterprise Desktop Specialist Engineer Desktop Platform Solutions
VMware Enterprise Desktop Solutions Tommy Walker Enterprise Desktop Specialist Engineer Desktop Platform Solutions Agenda The Enterprise Desktop Market Assured Computing Environment (ACE) Virtual Desktop
More informationVMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager
VMware Identity Manager Cloud Deployment Modified on 01 OCT 2017 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The
More informationVMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager
VMware Identity Manager Cloud Deployment DEC 2017 VMware AirWatch 9.2 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationIBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture
IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture Date: 2017-03-29 Version: 1.0 Copyright IBM Corporation 2017 Page 1 of 16 Table of Contents 1 Introduction... 4 1.1 About
More informationVMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no
LHC3296BUS OVH: Shields Up! Building a True Security Barrier in the Cloud Chris Romano, Principal Systems Engineer #VMworld #LHC3296BUS VMworld disclaimer This presentation may contain product features
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
STO2451BU Automating Disaster Recovery Operations in the SDDC with SRM, vrealize Automation, and NSX VMworld 2017 Shobhan Lakkapragada Director of Product Management Stefan Tsonev Director of Engineering
More informationAGENDA Introduction Pivotal Cloud Foundry NSX-V integration with Cloud Foundry New Features in Cloud Foundry Networking NSX-T with Cloud Fou
NET1523BE INTEGRATING NSX AND CLOUD FOUNDRY Usha Ramachandran Staff Product Manager, Pivotal Sai Chaitanya Product Line Manager, VMware VMworld 2017 Content: Not for publication #VMworld AGENDA 1 2 3 4
More informationSecuring the Modern Data Center with Trend Micro Deep Security
Advania Fall Conference Securing the Modern Data Center with Trend Micro Deep Security Okan Kalak, Senior Sales Engineer okan@trendmicro.no Infrastructure change Containers 1011 0100 0010 Serverless Public
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
ADV1591BE Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and VMware Horizon VMworld 2017 Content: Not for publication Johan van Amersfoort & Stephane Padique #VMWORLD
More informationVMware vsphere Clusters in Security Zones
SOLUTION OVERVIEW VMware vsan VMware vsphere Clusters in Security Zones A security zone, also referred to as a DMZ," is a sub-network that is designed to provide tightly controlled connectivity to an organization
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1927BU vsphere Distributed Switch Best Practices for NSX Gabriel Maciel VMware, Inc. @gmaciel_ca #VMworld2017 #NET1927BU Disclaimer This presentation may contain product features that are currently
More informationFeatures. HDX WAN optimization. QoS
May 2013 Citrix CloudBridge Accelerates, controls and optimizes applications to all locations: datacenter, branch offices, public and private clouds and mobile users Citrix CloudBridge provides a unified
More informationIntroducing VMware Validated Designs for Software-Defined Data Center
Introducing VMware Validated Designs for Software-Defined Data Center 17 JUL 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3 You can find the most up-to-date
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
LHC1882BE Service Overview for VMware Cloud on AWS Marc Umeno #VMworld #LHC1882BE Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationTECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION. VMware Horizon 7 version 7.
TECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION VMware Horizon 7 version 7.x Table of Contents Introduction.... 3 JMP Next-Generation Desktop
More informationREVISED 6 NOVEMBER 2018 COMPONENT DESIGN: UNIFIED ACCESS GATEWAY ARCHITECTURE
REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: UNIFIED ACCESS GATEWAY ARCHITECTURE Table of Contents Component Design: Unified Access Gateway Architecture Design Overview Network Deployment Options Authentication
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAAM1150BU Enabling Simple, Secure Access to Your Horizon and Citrix Virtual Desktops and Apps with Workspace ONE VMworld 2017 Content: Not for publication Greg Armanini & Matt Coppinger #VMWORLD #ADV1591BU
More informationIntroduction and Data Center Topology For Your System
Introduction and Data Center Topology For Your System This chapter provides an introduction, a data center overview, and VMware vcenter requirements for your system. Introducing Cisco WebEx Meetings Server,
More information1V0-642.exam.30q.
1V0-642.exam.30q Number: 1V0-642 Passing Score: 800 Time Limit: 120 min 1V0-642 VMware Certified Associate 6 Network Visualization Fundamentals Exam Exam A QUESTION 1 Which is NOT a benefit of virtualized
More informationvsan Security Zone Deployment First Published On: Last Updated On:
First Published On: 06-14-2017 Last Updated On: 11-20-2017 1 1. vsan Security Zone Deployment 1.1.Solution Overview Table of Contents 2 1. vsan Security Zone Deployment 3 1.1 Solution Overview VMware vsphere
More informationArchitecting the Digital Workspace with VMware Horizon 7
VMware vcloud Architecture Toolkit for Service Providers Architecting the Digital Workspace with VMware Horizon 7 Version 2.9 January 2018 Ray Heffer VERSION 1.0 2018 VMware, Inc. All rights reserved.
More informationSymantec Reference Architecture for Business Critical Virtualization
Symantec Reference Architecture for Business Critical Virtualization David Troutt Senior Principal Program Manager 11/6/2012 Symantec Reference Architecture 1 Mission Critical Applications Virtualization
More informationAchieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER
Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER Table of Contents The Digital Transformation 3 Four Must-Haves for a Modern Virtualization Platform 3
More informationTransform to Your Cloud
Transform to Your Cloud Presented by VMware 2012 VMware Inc. All rights reserved Agenda Corporate Overview Cloud Infrastructure & Management Cloud Application Platform End User Computing The Journey to
More informationRethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team
Rethinking Security CLOUDSEC2016 Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team Breaches Are The New Normal Only The Scale Surprises Us OPM will send notifications
More informationIntroducing VMware Validated Designs for Software-Defined Data Center
Introducing VMware Validated Designs for Software-Defined Data Center 13 FEB 2018 VMware Validated Design 4.2 VMware Validated Design for Software-Defined Data Center 4.2 You can find the most up-to-date
More information