Companies by now know exactly how exactly a cloud infrastructure can benefit their business. The biggest glitch though, is security. To address this, Palo Alto Networks and VMware have announced their jointly developed solution that will enable enterprises to use the VMware NSX network virtualisation platform to automate provisioning and distribution of Palo Alto Networks next-generation network security in their software-defined datacentres.
Security provisioning and change management is an operational challenge for today’s dynamic cloud datacentre environments. Network security configuration and policy assignment can be slow, rigid and lag behind the pace and ease of application provisioning. At the same time, a next-generation security platform – where security policies are tied to applications, users and data – is a growing requirement for an effective cybersecurity strategy.
Palo Alto Networks and VMware have partnered to deliver an integrated solution that combines the Palo Alto Networks VM-Series virtualised next-generation security platform with the VMware NSX network virtualisation platform. With this joint solution, enterprises will be able to unify next-generation network security across their physical and virtual environments with a single point of management.
“The cloud introduces new security challenges, and legacy security systems based on physical attributes such as port and protocol just aren’t adequate to secure these highly dynamic environments,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “A next-generation security approach that eases operational challenges through integration with network virtualisation is a requirement for customers to confidently extend their deployments to cloud.”
The combined solution will enable enterprises to use the network services insertion capabilities of VMware NSX with Palo Alto Networks’ security technologies to easily deploy, move, scale and protect applications in their software-defined datacentres. This can mean more agility and efficiency through centralised policy management and implementation.
“We developed VMware NSX with an understanding that customers will want to continue to leverage previous IT investments with their strategic technology partners. For next-generation network security, Palo Alto Networks is a leading partner, delivering innovative solutions for security in the software-defined data center. Palo Alto Networks and VMware customers will be able to use the distributed service framework of VMware NSX for fast and easy insertion of Palo Alto Networks security services, and achieve unified protection across their physical and virtual environments,” said Hatem Naguib, Vice President, Networking and Security, VMware
Palo Alto already markets a VM-based next-generation firewall. But Danelle Au, Palo Alto’s director of solutions marketing acknowledges there can be issues associated with using next-generation firewalls for applications running in a virtualised environment. “While VMs can be spun up in minutes, it takes weeks or months to deploy the security for the applications, either on the VM hypervisor or as physical firewalls,” Au acknowledges. She said establishing security policies for dynamic workloads can take considerable time and remains a somewhat manual process.
This integrated solution is now in beta with general availability planned in the first half of 2014.