Solution overview

VMware NSX enables the creation of entire networks in software. It abstracts the underlying physical hardware and embeds it into the hypervisor. You can save networks, delete them, and restore them, just like virtual machines. VMware NSX represents a new paradigm in network design, but as the virtual infrastructure grows it often connects to legacy physical networks as well as private and public clouds. These networks create more access paths within and across the hybrid data center, making it difficult to understand what is exposed to the internet, where attackers can go, and what access a given host has.

Unify physical, virtual and cloud security

With RedSeal network security software, your physical, public and private cloud network environments become a unified security architecture capable of being modeled, tested and measured. RedSeal network security software easily integrates with VMware NSX, giving you the ability to assess the security of your Software-Defined Data Center (SDDC) as well as the rest of your hybrid data center. It gives you the means to analyze both east-west and north-south traffic and to validate micro-segmentation. RedSeal can also drill into the Distributed Firewall (DFW) security groups and provide you with the specific rules that apply to individual workloads (hosts). This feature makes it easy for security teams to ensure that only authorized access is allowed.

Model, test and measure unified architecture

RedSeal interoperates with VMware NSX just as it does with your physical devices. It will automatically collect and import the following data:

  • Distributed logical routers and access rules
  • Edge gateway routers and access rules
  • Load balancing rules
  • Distributed Firewall rules
  • Security groups and rules
  • Networks
  • Workloads (hosts)

RedSeal provides VMware NSX with the same full feature set that exists for all RedSeal-supported devices. It provides security teams with improved network context so they can see the security posture of their physical, public and private cloud network environments as well as the end-to-end access across their hybrid infrastructure. It accelerates vulnerability management and incident response by prioritizing vulnerabilities and indicators of compromise based on access to untrusted networks and critical assets. It also validates compliance with industry secure configuration guidelines so security teams can systematically improve the resilience of their hybrid IT environments.
