VMware NSX 是如何運作的?
Check Point 利用 VMware NSX 的本機安全功能、自動化和可擴充性框架在軟體定義資料中心內動態插入、部署和編排進階安全服務,以增強客戶的 VMware NSX 安全性。
VMware NSX 提供網路虛擬化,並透過利用網路封裝來實現這一點。這會將流經 NSX 的網路流量封裝在實體網路硬體本機支援的協定(例如GRE )內。但是,實體硬體沒有對實際封裝流量的可見性。
NSX閘道器部署在內部虛擬網路與實體網路的所有連接處。這可讓您在從實體連線轉換到虛擬連線並再次返回時根據需要套用封裝和移除。
VMware NSX 的主要功能和優點
VMware NSX 使用網路功能虛擬化(NFV) 來提供許多優勢,包括:
- 網路自動化: VMware NSX 是一種軟體定義網路 (SDN) 解決方案。這使得網路基礎設施的部署、配置和更新自動化成為可能,因為所有元件都被虛擬化並以程式碼的形式實現。因此,網路更加敏捷、適應性更強。
- 多雲支援:不同的雲端環境可能有不同的網路基礎設施和安全實現,使得多雲環境複雜且難以確保安全。網路虛擬化在所有環境中提供一致的網路基礎設施,從而增強其效能和安全性。
- 內在分段: 網路分段是網路安全的基礎,使不同的系統和網路部分相互隔離,並對所有跨境流量進行檢查和監控。透過虛擬化網絡,這些邊界可以在軟體中定義和實施,而不需要實體網路基礎設施和防火牆。
- 降低開銷:VMware NSX 可讓網路和安全功能從實體設備轉換為軟體定義的解決方案。 這樣可以減少採購、配置、管理和維護這些設備的成本,同時降低資本開支 (CapEx) 和營運開支 (OpEx)。
雲端網路安全與視覺化
VMware NSX 在本地端和雲端為基礎的環境中提供完整的網路虛擬化。這種虛擬化提供了跨雲端平台的網路一致性,並提供了雲端中通常缺乏的可見性等級。此外,NSX 支援虛擬化網路基礎架構分段,可輕鬆定義和實施內部網路邊界,從而提供更精細的流量可見度和安全性策略實作。
Check Point Check Point Cloud Firewall provides consistent policy management and enforcement of advanced security protections, is automatically deployed and dynamically orchestrated into software-defined data center environments. Check Point leverages the capabilities of VMware NSX to complement and enhance its integrated security capabilities. By integrating with NSX, Check Point is able to achieve deeper visibility and provide improved security for public, private, hybrid, and multi-cloud environments.
Securing the Cloud with VMware NSX and Check Point
VMware NSX offers an array of integrated security protections. Its virtualization simplifies network segmentation and enforcement of security policies. Check Point Cloud Firewall for VMware NSX uses NSX’s capabilities to insert its own advanced threat prevention and multi-layered security protections into cloud environments to further enhance customers’ VMware NSX security.
這提供了許多雲端資安的好處,例如:
- Security Automation and Orchestration: Cloud environments are fast-moving, and rapid cloud adoption means that organizations’ cloud infrastructure often sprawls over multiple vendors and types of cloud deployments. By integratingwith NSX, Check Point is able to automatically configure and update security policies and settings at the network level to meet the changing requirements of the business.
- Policy and Compliance Enforcement: With the network-level visibility and control provided by NSX, Check Point has deep visibility into cloud network traffic. This allows it to enforce contextual security policies to ensure that activities in the cloud comply with corporate policy and the requirements of applicable regulations, such as the Payment Card Industry Data Security Standard (PCI DSS).
- Data Protection: Data leaks from cloud infrastructure are common, most often due to poor security configurations. Together, VMware NSX and Check Point ensure that all traffic in the cloud undergoes security inspection to verify that no sensitive data is being leaked from the cloud.
- 集中安全管理: Check Point 的統一威脅管理解決方案旨在透過類別入口網站的單一窗格提供整個組織的整個 IT 基礎架構的可見性,包括本機系統以及公用、私有和混合雲端部署。與 VMware NSX 的深入技術和產品合作夥伴關係提供了先進的私有雲端資安以及跨雲端環境的網路流量所需的可見性。
Check Point and VMware’s partnership makes it easier to secure virtualized environments. To learn more about architecture best practices for VMware NSX security, check out this webinar. To read a customer story, click here or watch the video. You’re also welcome to sign up for a free Check Point demo to see its capabilities in action.
有關保護雲的問題和更多信息,請聯繫我們安排與雲端資安專家的討論。
