As a vRealize user I’ve always been extremely interested in Network Insight. The ability to map traffic from one point to the next is well worth the time investment, especially in an environment that is new or one that you do not fully understand. I’ve been in both situations myself. The roughest is when you have been in a place for a while and they still do not know the mapping from an application to the external connection, or to its database. This is a great feature of vRealize Network Insight. Let’s look at the announcements we’ve heard.
First, let’s understand that most companies’ footprints have grown, and with that growth comes more room for security gaps. Those gaps can let infiltrators into your environment. Once in, they start trying to either elevate their rights or move laterally in your network. This is the East-West traffic that is now the battleground of your environment. By using something like micro-segmentation in NSX-T you can keep apps that have been infected from infecting other apps.
With the announcement of VMware TAU (Threat Analysis Unit) you can now leverage machine learning to look for bad traffic within your firewalls. This capability is able to scan up to 20 TBPs, which is industry leading. The capability starts with your NSX-T appliance and leverages NSX Intelligence to apply this ML/AI to find bad actors in your environment.
NSX-T has had great IDS/IPS capabilities since 3.0, and with these new additions bringing advanced threat prevention to your environment you can engage and be prepared for the battle.
Let’s go back to that idea of tracking things from the network. vRealize Network Insight (VRNI) has an amazing capability to track what is happening on your network and map it in front of you. Now add to it the ability to state which things you want to be able to communicate with each other, and have it tell you how to set the proper ACLs, firewalls, etc. VRNI 6.0 does just that. This is a new feature known as Assurance and Verification. It looks at what you want to communicate with each other and uses its understanding of the network to state how that can be achieved.
One more thing added to this functionality is the ability to port the information into vRealize Operations so users can see what is needed and what is happening. A great addition.
Edge Network Intelligence
Finally, with all the possible malware that can hit your network, why not take this and apply it to our edge devices? This is where Edge Network Intelligence comes in.
It gives you the ability to see the devices within your network, the issues that are happening, and the major problems that need to be addressed. It can look inside the LAN, outside the WAN, or in the application itself.
It’s all great stuff on this side of the fence. The problem is we still have to get hands on with these solutions to truly see how they interact with each other and verify what they can do. It’s a challenge for sure, but the execution of these announcements could truly be a huge leap in customers’ capabilities to deal with malware and verify their traffic runs as designed.