Make micro-segmentation work for you: A collection of customer stories
The Current Model is Broken
3. Attacks are taking a bigger toll. The cost of data
breaches to companies also continues to increase,
according to the Ponemon Institute.
Network security breaches are more and more
common and are effecting people in all areas.
They’ve hit business sectors from retail and financial
to healthcare and government. They impact the
world’s largest and most sophisticated organizations,
as well as smaller firms.
Average Cost of Data Breach
The cost of a data breach can easily reach millions or
hundreds of millions of dollars. It can include forensic
experts, in-house investigations, loss of customers,
lower customer acquisition rates and free credit or
identity monitoring subscriptions to bolster trust.
If the security breach succeeds in stealing valuable
customer or employee information, the costs are
virtually incalculable. While the news reports alone
show current strategies are not working, other data
supports that conclusion as well:
$3
$3.5
2013
2014
million
million
Figure 1: Cost of Data Breach Study 2014, Ponemon Institute, 2014
Complex security mechanisms like physical firewalls
that protect the perimeter, are not enough to
adequately protect data centers. Physical devices
can’t be everywhere at once: It’s simply too
complicated and expensive to locate firewalls
everywhere in the data center. And once malware is
behind the firewall, it can easily move from workload
to workload. This lateral movement is possible
because of a lack of sufficient internal network
controls to regulate sever-to-server, or east-west
network traffic.
1. Companies continue to invest heavily in
security. In the U.S. alone, companies are
collectively spending billions on security every
year — and significantly boosting their annual
security spending.
2. Attacks continue to be successful. The average
company experiences two successful attacks
each week, according to a global survey by
PriceWaterhouseCoopers1.
1. G lobal State of Information Security Survey 2015, PriceWaterhouseCoopers, 2014
1
It’s time for a new approach.
Micro-segmentation, enabled by VMware NSX,
is a breakthrough model for data center security.
Network security policies are enforced by firewall
controls integrated into the hypervisors that are
already distributed throughout the data center.
This enables security that is both ubiquitous and
granular. Security policies can also be changed
more easily — even automatically — and adapt
dynamically to changes in workloads.
See how these organizations have used VMware NSX
micro-segmentation to gain:
• Improved security
• Improved agility
• Improved flexibility
Network Virtualization Makes
Micro-segmentation Possible
VMware® NSX™, the network virtualization
platform for the Software-Defined Data Center,
creates a virtual network that is independent of the
underlying IP network hardware. IT can simply treat
the physical network as a pool of transport capacity.
Much like the server virtualization model, a
“network hypervisor” reproduces Layer 2 to Layer 7
networking services in software. These services can
be assembled in any combination in a matter of
seconds — to produce a new network configuration.
You can programmatically create, provision,
snapshot, delete and restore complex networks.
Micro-segmentation lets you secure traffic between
VMs, as well as between VMs and physical hosts. Create
and apply security policies down to the level of virtual
network interface cards. And policies will automatically
move with the workload, even if the physical IP address
changes. With micro-segmentation it’s even easier to
integrate other types of security products into the data
center than with physical security.
2
Please complete the form to gain access to this content
