Next Gen Network Security topologies

Introduction In this blogpost I want to discuss the benefits of using a Software Defined Network (SDN) solutions in the evolving network security landscape. What, why and how: network security and micro-segmentation? In traditional networking environments filtering (from now on I will call it “firewalling”) is executed at the edge (or perimeter) of each...

vRNI (non-described) issue: hostname/IP is unreachable when adding vCenter as a Data Source

Problem Description: Today I ran into a problem when adding a vCenter server by its hostname to vRealize Network Insight. I received the following error message: Hostname/IP is unreachable. Which (as explained in this VMware KB article) should be related to a network connectivity issue. But after doing some troubleshooting (ping, curl and nslookup...

Designing a NSX Security framework

As described in my previous blog, implementing micro-segmentation can have a operational burden on the network/security teams who must manage the environment. There are multiple ways to organize the NSX firewall rulebase leveraging the NSX Distributed Firewall (DWF), to enable micro-segmentation. One of the methods is using a (non-official) security framework. The NSX Security...