There is no arguing that the data center has fundamentally changed - yesterday’s hardware siloes have been replaced by today’s virtualized data centers and clouds. The global leader in this industry shift to server virtualization is VMware. At vArmour, it is our priority to support VMware customers around the world in protecting their virtualized data centers with our application-aware micro-segmentation capabilities. So today, we are pleased to announce our official status as a VMware Ready technology partner, to segment and secure virtualized workloads running on VMware vSphere with vArmour DSS.
In addition to this VMware Ready announcement, we are coming off of a great week of customer meetings at VMworld and a joint webinar with VMware User Group. From these engagements, we have compiled a list of the most frequently asked questions and answers we hear from VMware users on how to use micro-segmentation from vArmour to protect their vSphere environments:
How is vArmour DSS Distributed Security System deployed on VMware vSphere?
vArmour DSS typically deploys on each vSphere hypervisor, placing granular, Layer 7 security policy controls directly adjacent to each VM. Once installed, vArmour DSS operates independent of the underlying hypervisor. vArmour DSS uses standard vSwitching technologies to intercept traffic that is then protected with our application-layer security controls.
How does vArmour DSS integrate with features of vSphere?
vArmour DSS can integrate with VMware vCenter to provide manual and automated asset placement into appropriate zones within the vCenter UI. vArmour DSS can also support live migration of workloads via vMotion by maintaining applicable vArmour application-layer security policies, no matter where VMs may travel.
I’m moving some of my less critical workloads into other cloud environments, such as OpenStack and Amazon Web Services - can vArmour secure these workloads, too?
Yes, vArmour DSS supports multi-hypervisor, cloud, and bare metal workload placement. IT organizations can continuously monitor network, application, and user traffic and enforce security policies across these environments, with a single management interface.